We are pleased to announce a new minor release from our stable branch.
This is a security release that addresses a denial-of-service vulnerability in Prosody’s mod_websocket. For more information, refer to the 20220113 advisory.
A summary of changes in this release:
- util.xml: Do not allow doctypes, comments or processing instructions
As usual, download instructions for many platforms can be found on our download page
If you have any questions, comments or other issues with this release, let us know!
Prosody is a lightweight and flexible XMPP server designed with ease-of-use and extensibility in mind.