stable

prosody-0.9.10-1.fc23

FEDORA-2016-5a5c85c5a8 created by robert 9 years ago for Fedora 23

Prosody 0.9.10

A summary of changes in this release:

Security

  • mod_dialback: Adopt key generation algorithm from XEP-0185, to prevent impersonation attacks (CVE-2016-0756)

Fixes and improvements

  • Startup: Open /dev/urandom read-only, to fix a failure to start on some systems (fixes #585)
  • Networking: Improve handling of the 'select' network backend running out of file descriptors

Minor changes

  • Networking: Increase default internal read size to prevent connections stalling with LuaEvent (see #583)
  • DNS: Discard queries that failed to send due to connection errors (fixes #598)
  • c2s, s2s: Lower priority of shutdown handler, so that modules such as MUC can always send shutdown notifications to (remote) users (fixes #601)

How to install

Updates may require up to 24 hours to propagate to mirrors. If the following command doesn't work, please retry later:

sudo dnf upgrade --refresh --advisory=FEDORA-2016-5a5c85c5a8

This update has been submitted for testing by robert.

9 years ago

robert edited this update.

9 years ago

This update has been pushed to testing.

9 years ago

This update has reached 7 days in testing and can be pushed to stable now if the maintainer wishes

9 years ago

This update has been submitted for stable by robert.

9 years ago

This update has been pushed to stable.

9 years ago

Please login to add feedback.

Metadata
Type
security
Severity
high
Karma
0
Signed
Content Type
RPM
Test Gating
Autopush Settings
Unstable by Karma
-3
Stable by Karma
1
Stable by Time
disabled
Dates
submitted
9 years ago
in testing
9 years ago
in stable
9 years ago
modified
9 years ago
BZ#1302463 CVE-2016-0756 prosody: mod_dialback allows impersonation attacks
0
0
BZ#1302565 CVE-2016-0756 prosody: mod_dialback allows impersonation attacks [fedora-all]
0
0

Automated Test Results