|
|
Subscribe / Log in / New account

Debian-LTS alert DLA-724-1 (mcabber)



From:
    	      Chris Lamb <lamby@debian.org> 


To:
    	      debian-lts-announce@lists.debian.org 


Subject:
    	      [SECURITY] [DLA 724-1] mcabber security update 


Date:
    	      Sun, 27 Nov 2016 11:13:12 +0100


Message-ID:
    	      <1480241592.1711392.800165089.2C944179@webmail.messagingengine.com>


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Package        : mcabber
Version        : 0.10.1-3+deb7u1
Debian Bug     : 845258

It was discovered that there was a "roster push attack" [0] in mcabber, a
console-based Jabber (XMPP) client.

For Debian 7 "Wheezy", this issue has been fixed in mcabber version
0.10.1-3+deb7u1.

We recommend that you upgrade your mcabber packages.

  [0] https://gultsch.de/gajim_roster_push_and_message_intercep...


Regards,

- -- 
      ,''`.
     : :'  :     Chris Lamb
     `. `'`      lamby@debian.org / chris-lamb.co.uk
       `-

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCAAdFiEEwv5L0nHBObhsUz5GHpU+J9QxHlgFAlg6saUACgkQHpU+J9Qx
HljsgxAAv09RpM279VdhDczggkjLnckhbIndLE4yMIM0GmfnSVhICyrZ/JSpsrx4
uMuCYOJXGpxcQ/ZED7pVtl6CgDhDxuYGUKVrqyOHVEWk+O6OnIxu53UyT4epQbzu
I9dY8JoToT4t24KMys4kdC3CmmLzNq9XVv9feSJ/jpuFWSHvQXFvryxlLMbybuy6
gm3bneX8iIiz7D6vl6CltIuJbCLUOhbxRgrkEuup2xLdQLT+dY//NPZAJ69LqsVK
iMLtI81dtMCq2KM9+mKsBg3aUs+5Hz1z8Ml17kcNwfRhW8Ar+Brh8koutj8rWebw
PW/PneMIlikzreozUqaWMVeW7kQOdCYLR/ssGhVoOXCDClah4KFCwNGUg7DHw6oi
Z8YOvSy5WB/v2kgmlXwO136gCLiaoMw6Gu4IJ8WW7Lr9sZi194K8hGNZgh+Q17kj
PCl8XVvQ9u00qXJQTfUTt6Nkz1cbLQSG5kfpfgxnT3anJEMJki/spkk6PL6aCy3n
d7Z55htq3/44Eie4iWMSDFReOixZUBFQ1QaqqgmJhCQPoTPz6c4VJIsTrMAs5jP5
nks6BDKL5BybaAzmi2aTbOuFt/46Mp5SL5iqpMhgkSKZSKYP7iaoPFbBsCoMMyvN
cnaoQvhVLdS2NHjm8bJdMmVsruKKtB72zH7NoYNnyOb623nvhi4=
=mVwu
-----END PGP SIGNATURE-----
to post comments


Copyright © 2025, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds