FEDORA-EPEL-2016-5a2146a2dd created by robert 3 years ago for Fedora EPEL 5
stable

Prosody 0.9.10

A summary of changes in this release:

Security

  • mod_dialback: Adopt key generation algorithm from XEP-0185, to prevent impersonation attacks (CVE-2016-0756)

Fixes and improvements

  • Startup: Open /dev/urandom read-only, to fix a failure to start on some systems (fixes #585)
  • Networking: Improve handling of the 'select' network backend running out of file descriptors

Minor changes

  • Networking: Increase default internal read size to prevent connections stalling with LuaEvent (see #583)
  • DNS: Discard queries that failed to send due to connection errors (fixes #598)
  • c2s, s2s: Lower priority of shutdown handler, so that modules such as MUC can always send shutdown notifications to (remote) users (fixes #601)

This update has been submitted for testing by robert.

3 years ago

robert edited this update.

3 years ago

This update has been pushed to testing.

3 years ago

This update has reached 14 days in testing and can be pushed to stable now if the maintainer wishes

3 years ago

This update has been submitted for stable by robert.

3 years ago

This update has been pushed to stable.

3 years ago

Please login to add feedback.

Metadata
Type
security
Severity
high
Karma
0
Signed
Content Type
RPM
Test Gating
Settings
Unstable by Karma
-3
Stable by Karma
1
Dates
submitted
3 years ago
in testing
3 years ago
in stable
3 years ago
modified
3 years ago
BZ#1302463 CVE-2016-0756 prosody: mod_dialback allows impersonation attacks
0
0
BZ#1302566 CVE-2016-0756 prosody: mod_dialback allows impersonation attacks [epel-all]
0
0

Automated Test Results