[Bug 228662] net-im/prosody Security Advisory
bugzilla-noreply at freebsd.org
bugzilla-noreply at freebsd.org
Fri Jun 1 10:23:13 UTC 2018
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=228662
Bug ID: 228662
Summary: net-im/prosody Security Advisory
Product: Ports & Packages
Version: Latest
Hardware: Any
URL: https://prosody.im/security/advisory_20180531/
OS: Any
Status: New
Severity: Affects Only Me
Priority: ---
Component: Individual Port(s)
Assignee: lx at FreeBSD.org
Reporter: freebsdbugs at filis.org
Flags: maintainer-feedback?(lx at FreeBSD.org)
Assignee: lx at FreeBSD.org
Due to insufficient validation of client-provided parameters during XMPP stream
restarts, authenticated users may override the realm associated with their
session, potentially bypassing security policies and allowing impersonation.
All users should upgrade to at least 0.9.14, 0.10.2
https://issues.prosody.im/1147
--
You are receiving this mail because:
You are the assignee for the bug.
More information about the freebsd-ports-bugs
mailing list