Brief description
We request to upgrade ejabberd from version 24.12 to 25.4.
WHY: The current version (24.12) contains known vulnerabilities and lacks the latest security patches and features.
PURPOSE: Ensure the system benefits from upstream security fixes, stability improvements, and compatibility with recent XMPP clients.
Proposed solution
Update the ejabberd package in the repository to version 25.4, test backward compatibility, and validate basic functionality (e.g., federation, authentication, group chats).
Alternative solutions
Keeping the current version is not advised due to unresolved CVEs. Backporting individual patches is complex and less maintainable.
Additional context
ejabberd 25.4 includes critical security fixes and performance enhancements.
We rely on ejabberd as a core communication component and must ensure its integrity.
See also
ejabberd changelog
Brief description
We request to upgrade ejabberd from version 24.12 to 25.4.
WHY: The current version (24.12) contains known vulnerabilities and lacks the latest security patches and features.
PURPOSE: Ensure the system benefits from upstream security fixes, stability improvements, and compatibility with recent XMPP clients.
Proposed solution
Update the ejabberd package in the repository to version 25.4, test backward compatibility, and validate basic functionality (e.g., federation, authentication, group chats).
Alternative solutions
Keeping the current version is not advised due to unresolved CVEs. Backporting individual patches is complex and less maintainable.
Additional context
ejabberd 25.4 includes critical security fixes and performance enhancements.
We rely on ejabberd as a core communication component and must ensure its integrity.
See also
ejabberd changelog