|
|
@@ -1,3 +1,36 @@
|
|
|
+## stable-4384
|
|
|
+
|
|
|
+Based on stable release 4384.
|
|
|
+
|
|
|
+* 1ffd472 security: add script to generate strong passwords
|
|
|
+* a015710 security: don't provide default passwords
|
|
|
+* aaec22d jigasi: fix typo in config
|
|
|
+* ebfa142 docs: fix grammar and typos
|
|
|
+* bab77e0 doc: update env.example
|
|
|
+* 7652807 examples: traefik v2
|
|
|
+* 10983b4 prosody: prevent item-not-found error in certain cases
|
|
|
+* 3524a52 base: fail to start the container if the init script fails
|
|
|
+* 7c0c795 jicofo: only configure Jigasi brewery if Jigasi is configured
|
|
|
+* 40c2920 build: add prepare command
|
|
|
+* 93ba770 prosody: fix installing prosody from the right repository
|
|
|
+* 3c07d76 doc: improve wording of README
|
|
|
+* ed410d9 doc: fix typo
|
|
|
+* fabfb2a doc: fix typo
|
|
|
+* 5e6face web: use PUBLIC_URL for etherpaad base and BOSH URLs
|
|
|
+* 264df04 jvb: switch to using Jitsi's STUN server by default
|
|
|
+* 655cf6b web,prosody,jvb: prepare for new stable release
|
|
|
+* ebb4536 doc: update CHANGELOG
|
|
|
+* 06c3a83 doc: fix references to running behind NAT in the README
|
|
|
+
|
|
|
+**Important security note: ** Previous releases included default passwords for
|
|
|
+system accounts, and users who didn't change them are at risk of getting
|
|
|
+the authentication system circumvented by an attacker using a system account
|
|
|
+with the default password. Please update and use the provided script
|
|
|
+(instructions on the README) to generate a strong password for each system
|
|
|
+account.
|
|
|
+
|
|
|
+Thanks joernchen for the security report.
|
|
|
+
|
|
|
## stable-4101-2
|
|
|
|
|
|
Based on stable release 4101.
|
Saúl Ibarra Corretgé