[ubuntu/vivid-security] prosody 0.9.7-2+deb8u3build0.15.04.1 (Accepted)

Tyler Hicks tyhicks at canonical.com
Mon Feb 1 19:48:24 UTC 2016

prosody (0.9.7-2+deb8u3build0.15.04.1) vivid-security; urgency=medium

  * fake sync from Debian

prosody (0.9.7-2+deb8u3) jessie-security; urgency=high

  * CVE-2016-0756: insecure dialback key generation/validation algorithm
  * Fix for regression introduced in the previous CVE-2016-1232 fix:
    s2s doesn't work if /dev/urandom is read-only.

Date: 2016-02-01 17:07:17.287790+00:00
Changed-By: Tyler Hicks <tyhicks at canonical.com>
Maintainer: MattJ <mwild1 at gmail.com>
-------------- next part --------------
Sorry, changesfile not available.

More information about the Vivid-changes mailing list