[ubuntu/zesty-proposed] sleekxmpp 1.3.1-6 (Accepted)
Julian Taylor
jtaylor.debian at googlemail.com
Tue Apr 11 20:22:06 UTC 2017
sleekxmpp (1.3.1-6) unstable; urgency=medium
* Fix CVE-2017-5591:
An incorrect implementation of XEP-0280: Message Carbons in slixmpp allows
a remote attacker to impersonate any user, including contacts, in the
vulnerable application's display. This allows for various kinds of social
engineering attacks. (Closes: #854739)
* Use ssl.get_protocol_name() to find out which TLS version is
in use (allows the latest TLS versions to be used as well as any future
versions). (Closes: #851900)
Date: 2017-04-03 04:15:46.097487+00:00
Signed-By: Julian Taylor <jtaylor.debian at googlemail.com>
https://launchpad.net/ubuntu/+source/sleekxmpp/1.3.1-6
-------------- next part --------------
Sorry, changesfile not available.
More information about the Zesty-changes
mailing list