Issues
- Admin Console Cross Site Request Forgery (CSRF) VulnerabilityOF-777Resolved issue: OF-777Dave Cridland
- MUC Service sends "disturbing" service messages.OF-742Resolved issue: OF-742csh
- Openfire cannot deal with SASL <abort/>OF-734Resolved issue: OF-734Guus der Kinderen
- OF should not silently close a connection, when receiving a message without 'to' attributeOF-733Resolved issue: OF-733Guus der Kinderen
- OF drops <status> and nickname in presence subscription requestOF-732
- HybridUserProvider does not initialize correctlyOF-731Resolved issue: OF-731Tom Evans
- Migrate operational configuration properties from openfire.xml to DBOF-730Resolved issue: OF-730Tom Evans
- Upgrade Hazelcast plugin to latest release version (3.1.x)OF-729Resolved issue: OF-729Tom Evans
- Openfire must return a service-unavailable error when blocking an IQ of type get or set because of a privacy list. OF should return error if a message stanza is blockedOF-725Resolved issue: OF-725Florian Schmaus
- Privacy Lists should not block stanzas from serviceOF-724
- Change deprecated SET OPTION to SET to support newest MySQL 5.6 versionsOF-723Resolved issue: OF-723Guus der Kinderen
- Openfire should save XEP-0184 delivery receipts as offline messageOF-722Guus der Kinderen
- Roster deletion of userB by userA should not remove userA from userB's rosterOF-720Resolved issue: OF-720Guus der Kinderen
- Userservice plugin leaves user roster items in DB when user is deletedOF-719Resolved issue: OF-719Dele Olajide
- Fix Debian initscript to support more JAVA_HOME pathsOF-718Resolved issue: OF-718Daryl Herzmann
- The BOSH implementation should include a 'from' attribute in its session creation response.OF-717Resolved issue: OF-717Guus der Kinderen
- Add Jitsi Videobridge plugin to Openfire pluginsOF-716Resolved issue: OF-716Dele Olajide
- Update Openfire bouncycastle library from 1.46 to 1.49OF-715Resolved issue: OF-715Dele Olajide
- Add ability to encrypt properties so they are encrypted in the db and do not appear in the admin console.OF-714Resolved issue: OF-714Tom Evans
- secure OpenfireOF-713Resolved issue: OF-713Guus der Kinderen
- Update the xmpp.org wiki for OpenfireOF-712Resolved issue: OF-712
- Upgrade bundled JRE to the latest versionOF-710Resolved issue: OF-710Guus der Kinderen
- Update Jetty from 7.4 to 9.1OF-709Resolved issue: OF-709Dele Olajide
- Update build.xml to support Ant 1.9OF-708Resolved issue: OF-708Guus der Kinderen
- Allow to set a number of days for empty rooms to show up in the list (multiple conference services)OF-707
- Openfire does not close the stream with a stream error if the namespace is not 'http://etherx.jabber.org/streams'OF-706Resolved issue: OF-706Guus der Kinderen
- Admin console (XSS) vulnerability lets attacker change admin password or create new adminOF-705Resolved issue: OF-705Tom Evans
- Make LDAP connection timeout configurableOF-704Resolved issue: OF-704Alex Mateescu
- Better group properties handlingOF-701Resolved issue: OF-701Alex Mateescu
- Add a method to refresh a MUC roomOF-700Resolved issue: OF-700Alex Mateescu
- Race condition during cluster initialization (Hazelcast plugin)OF-699Resolved issue: OF-699Tom Evans
- Bump version on all bundled openfire plugins, bump min version due to distributing java6 binaries nowOF-698Resolved issue: OF-698Daryl Herzmann
- Upper- vs. lowercase in LDAP groupsOF-696
- openfire init script target reload should not call restartOF-693Resolved issue: OF-693Daryl Herzmann
- Node column in ofSecurityAuditLog table should accept NULL entriesOF-692Resolved issue: OF-692Tom Evans
- MUC topic permits javascript payloadsOF-687Resolved issue: OF-687Guus der Kinderen
- Anonymous registration permits name with javascript payloadOF-686Resolved issue: OF-686Guus der Kinderen
- Subscription plugin isn't automatically accepting authorization requestsOF-685Resolved issue: OF-685
- Fastpath plugin is not sending a Workgroup form to an agent using SparkOF-683Resolved issue: OF-683
- Add Portuguese translationOF-682Resolved issue: OF-682Daryl Herzmann
- Add ability to search plugin to be able to restrict searching for users to only the group a user is inOF-681Resolved issue: OF-681Leon Roy
- Packet Filter Plugin does not allow creation of wildcard rulesOF-680Resolved issue: OF-680Leon Roy
- Packet Filter - Add option for "All Groups" and auto creation of rules based on Openfire Group SettingsOF-679Resolved issue: OF-679Leon Roy
- Monitoring Plugin - Ever expanding IndexOF-678Resolved issue: OF-678Leon Roy
- Monitoring Plugin - "Null" reappearing in Archive for Message BodyOF-677Resolved issue: OF-677Leon Roy
- Add a comment about restarting in Managing Plugins section of documentationOF-675Resolved issue: OF-675Daryl Herzmann
- Support RFC 6120, 6121, 6122OF-642Resolved issue: OF-642Florian Schmaus
- javax.net.ssl.SSLException: Received fatal alert: bad_record_macOF-496Resolved issue: OF-496Guus der Kinderen
- Some unicode pattern in status message can break the session connectionOF-455Resolved issue: OF-455Guus der Kinderen
- BOSH too picky about content-type with requestsOF-410Resolved issue: OF-410Guus der Kinderen
50 of 53
