Zum Inhalt springen.
Sympa Menü

it-securitynotifies - [IT-SecNots] [SECURITY] [DSA 4524-1] dino-im security update

it-securitynotifies AT lists.piratenpartei.de

Betreff: Sicherheitsankündigungen

Listenarchiv

[IT-SecNots] [SECURITY] [DSA 4524-1] dino-im security update


Chronologisch Thread 
    < Chronologisch >      < Thread >
  • From: Moritz Muehlenhoff <jmm AT debian.org>
  • To: debian-security-announce AT lists.debian.org
  • Subject: [IT-SecNots] [SECURITY] [DSA 4524-1] dino-im security update
  • Date: Mon, 16 Sep 2019 19:46:42 +0000
  • List-archive: https://lists.debian.org/msgid-search/20190916194642.4q66qfpbppqz7kpl AT seger.debian.org
  • List-id: <debian-security-announce.lists.debian.org>
  • List-url: <http://lists.debian.org/debian-security-announce/>
  • Old-return-path: <jmm AT seger.debian.org>
  • Priority: urgent
  • Resent-date: Mon, 16 Sep 2019 19:46:57 +0000 (UTC)
  • Resent-from: debian-security-announce AT lists.debian.org
  • Resent-message-id: <XnwvUh8DP7B.A.WnH.wa-fdB@bendel>
  • Resent-sender: debian-security-announce-request AT lists.debian.org
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- -------------------------------------------------------------------------
Debian Security Advisory DSA-4524-1 security AT debian.org
https://www.debian.org/security/ Moritz Muehlenhoff
September 16, 2019 https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package : dino-im
CVE ID : CVE-2019-16235 CVE-2019-16236 CVE-2019-16237

Multiple vulnerabilities have been discovered in the Dino XMPP client,
which could allow spoofing message, manipulation of a user's roster
(contact list) and unauthorised sending of message carbons.

For the stable distribution (buster), these problems have been fixed in
version 0.0.git20181129-1+deb10u1.

We recommend that you upgrade your dino-im packages.

For the detailed security status of dino-im please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/dino-im

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/

Mailing list: debian-security-announce AT lists.debian.org
-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEEtuYvPRKsOElcDakFEMKTtsN8TjYFAl1/5m4ACgkQEMKTtsN8
TjZoew//VzHzRJugquWiQMLE3U9FZ5gxST5PHZELo2Dra/dG/ZwCDEmN2D5LJQdw
y/mS5E8X7jxiDIBQkbbXqPlZZ2vMZYw/WM0uu8X1OyzVM2yk/TBaq2bhi81J4SCy
Nd87xICSAZFkfRAE8E97+PSvT8nPJ3BkqcFm59NrShPyS4rhc091E2pkYlGbOwCS
CTdenMWkJXlSZBwmg2zUoLWp7asGlM35OggZEVoexim+3hGO6mm15sejqH4TzuRa
UdwbsO/TtQhBsj/BDmnPfXwkjkwoM40xr2Yko+HD3QzZCQ4oE2SQ37weu9qB2UU3
qBLB0wsvD5JMwq4mEZYsB//WAMPt875WujEl85Z19ri0TEWUHSKCvtcUdlnAigiQ
YL6GkwwVRN3+mHKUvs4u4+kvuO2Uyr0aPjki0nKMTJp+aLPhug3xgGWuyGlX0BIT
0B5XW+BMEj/N4ynVN+1Z5EkfuzkrArwTs3cZlCJi5ILXO8iNBPhIbRFJxUUkbUv2
0bScafddSNVk2EyLPYo1vvNdMiq5hKr12jvgfX+Jq++XpJX5KPMHEHWZ03HqHfjF
avneQfQYGsyhyq1MmCNxzY/gLZ3DKh7yv+Tg0BbeC/UDTDjs41IgVquRlickHbI6
5D6JZMQCJDk9ShOwSPKF60DkER7E/Tga/r/ryjw1K3ftwfG30nw=
=93xm
-----END PGP SIGNATURE-----


  • [IT-SecNots] [SECURITY] [DSA 4524-1] dino-im security update, Moritz Muehlenhoff, 16.09.2019

Archiv bereitgestellt durch MHonArc 2.6.19.

Seitenanfang