Date: Fri, 01 Jun 2018 10:23:11 +0000 From: bugzilla-noreply@freebsd.org To: ports-bugs@FreeBSD.org Subject: [Bug 228662] net-im/prosody Security Advisory Message-ID: <bug-228662-7788@https.bugs.freebsd.org/bugzilla/>
next in thread | raw e-mail | index | archive | help
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D228662 Bug ID: 228662 Summary: net-im/prosody Security Advisory Product: Ports & Packages Version: Latest Hardware: Any URL: https://prosody.im/security/advisory_20180531/ OS: Any Status: New Severity: Affects Only Me Priority: --- Component: Individual Port(s) Assignee: lx@FreeBSD.org Reporter: freebsdbugs@filis.org Flags: maintainer-feedback?(lx@FreeBSD.org) Assignee: lx@FreeBSD.org Due to insufficient validation of client-provided parameters during XMPP st= ream restarts, authenticated users may override the realm associated with their session, potentially bypassing security policies and allowing impersonation. All users should upgrade to at least 0.9.14, 0.10.2 https://issues.prosody.im/1147 --=20 You are receiving this mail because: You are the assignee for the bug.=
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?bug-228662-7788>