From 669580ca87d3d104563d9fefd097d8675ca11dd1 Mon Sep 17 00:00:00 2001 From: David Thiel Date: Thu, 28 Jan 2016 21:00:55 +0000 Subject: vuxml for prosody CVE-2016-0756. PR: 206707 Submitted by: Anton Shestakov --- security/vuxml/vuln.xml | 28 ++++++++++++++++++++++++++++ 1 file changed, 28 insertions(+) (limited to 'security') diff --git a/security/vuxml/vuln.xml b/security/vuxml/vuln.xml index 45e7de28efdb..066ff66869ac 100644 --- a/security/vuxml/vuln.xml +++ b/security/vuxml/vuln.xml @@ -58,6 +58,34 @@ Notes: --> + + prosody -- user impersonation vulnerability + + + prosody + 0.9.10 + + + + +

The Prosody team reports:

+
Adopt key generation algorithm from XEP-0185, to + prevent impersonation attacks (CVE-2016-0756)
+

+ + + + ports/206707 + CVE-2016-0756 + https://prosody.im/security/advisory_20160127/ + + + 2016-01-27 + 2016-01-28 + + + openssl -- multiple vulnerabilities -- cgit v1.2.3