Fedora alert FEDORA-2012-12481 (jabberd)
| From: | updates@fedoraproject.org | |
| To: | package-announce@lists.fedoraproject.org | |
| Subject: | [SECURITY] Fedora 16 Update: jabberd-2.2.14-4.fc16 | |
| Date: | Mon, 03 Sep 2012 00:48:18 +0000 | |
| Message-ID: | <20120903004820.40BC921134@bastion01.phx2.fedoraproject.org> | |
| Archive‑link: | Article |
-------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2012-12481 2012-08-22 20:34:47 -------------------------------------------------------------------------------- Name : jabberd Product : Fedora 16 Version : 2.2.14 Release : 4.fc16 URL : http://codex.xiaoka.com/wiki/jabberd2:start Summary : OpenSource server implementation of the Jabber protocols Description : The jabberd project aims to provide an open-source server implementation of the Jabber protocols for instant messaging and XML routing. The goal of this project is to provide a scalable, reliable, efficient and extensible server that provides a complete set of features and is up to date with the latest protocol revisions. jabberd2 is the next generation of the jabberd server. It has been rewritten from the ground up to be scalable, architecturally sound, and to support the latest protocol extensions coming out of the JSF. This package defaults to use pam and sqlite. -------------------------------------------------------------------------------- Update Information: included patch for "Vulnerability in XMPP Server Dialback Implementations" http://xmpp.org/resources/security-notices/server-dialback/ -------------------------------------------------------------------------------- ChangeLog: * Wed Aug 22 2012 Adrian Reber <adrian@lisas.de> - 2.2.14-4 - included patch for "Vulnerability in XMPP Server Dialback Implementations" http://xmpp.org/resources/security-notices/server-dialback/ * Tue Jul 24 2012 Adrian Reber <adrian@lisas.de> - 2.2.14-3 - fixes "service jabberd restart fails on stopping s2s" (#730967) * Fri Jan 13 2012 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 2.2.14-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_17_Mass_Rebuild -------------------------------------------------------------------------------- References: [ 1 ] Bug #850872 - CVE-2012-3525 jabberd: Prone to unsolicited XMPP Dialback attacks https://bugzilla.redhat.com/show_bug.cgi?id=850872 -------------------------------------------------------------------------------- This update can be installed with the "yum" update program. Use su -c 'yum update jabberd' at the command line. For more information, refer to "Managing Software with yum", available at http://docs.fedoraproject.org/yum/. All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys -------------------------------------------------------------------------------- _______________________________________________ package-announce mailing list package-announce@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/package-...