Update 2: ejabberd 2.0.5 is released to solve the problem with subscriptions.
Update: ejabberd 2.0.4 had a problem with subscriptions. If you are affected, you can use ejabberd 2.0.3, apply a patch or install ejabberd 2.0.5. More details in Problematic ejabberd 2.0.4.
There is yet another bugfix release in the 2.0.x line: ejabberd 2.0.4 announcement.
In the last two months several bugs were reported and fixed in varied parts of ejabberd. As mentioned in the ejabberd 2.0.4 release notes, the changes are:
- Ensure ID attribute in roster push is unique
- Authentication: Fix Anonymous auth when enabled with broken ODBC
- Authentication: Unquote correctly backslash in DIGEST-MD5 SASL responses
- Authentication: Cancel presence subscriptions on account deletion
- LDAP: Close a connection on tcp_error
- LDAP: Implemented queue for pending queries
- LDAP: On failure of LDAP connection, waiting is done on pending queue
- MUC: Owner of a password protected room must also provide the password
- MUC: Prevent XSS in MUC logs by linkifying only a few known protocols
- Privacy rules: Items are now processed in the specified order
- Privacy rules: Fix to correctly block subscription requests
- Proxy65: If ip option is not defined, take an IP address of a local hostname
- PubSub: Add roster subscription handling; send PEP events to all resources
- PubSub: Allow node creation without configure item
- PubSub: Requesting items on a node which exists, but empty returns an error
- PEP: Fix sending notifications to other domains and s2s
- S2S: Fix problem with encrypted connection to Gtalk and recent Openfire
- S2S: Workaround to get DNS SRV lookup to work on Windows machine
- Shared Roster Groups: Fix to not resend authorization request
- WebAdmin: Fix encryption problem for ejabberd_http after timeout
The source package and binary installers are in the download page.