[Buildroot] [PATCH 1/1] prosody: security bump to version 0.10.2
Peter Korsgaard
peter at korsgaard.com
Mon Nov 26 16:11:57 UTC 2018
>>>>> "Fabrice" == Fabrice Fontaine <fontaine.fabrice at gmail.com> writes:
> This fixes a cross-host authentication vulnerability, CVE-2018-10847.
> The issue affects Prosody instances that have multiple virtual hosts
> (including anonymous authenticated hosts):
> https://blog.prosody.im/prosody-0-10-2-security-release
> A full security advisory is available at
> https://prosody.im/security/advisory_20180531
> Compute hashes locally as they are no more available on
> https://prosody.im/downloads/source/{MD5,SHA1,SHA256,SHA512}SUMS
> Signed-off-by: Fabrice Fontaine <fontaine.fabrice at gmail.com>
Committed to 2018.08.x, thanks.
2018.02.x is using prosody 0.9.12, so I will instead bump that to
0.9.14.
--
Bye, Peter Korsgaard
More information about the buildroot
mailing list