prosody: security bump to version 0.10.2 (0b950434) · Commits · Arm Reference Solutions / buildroot

Commit 0b950434 authored Nov 18, 2018 by Fabrice Fontaine Committed by Peter Korsgaard Nov 18, 2018

prosody: security bump to version 0.10.2

This fixes a cross-host authentication vulnerability, CVE-2018-10847.
The issue affects Prosody instances that have multiple virtual hosts
(including anonymous authenticated hosts):
https://blog.prosody.im/prosody-0-10-2-security-release

A full security advisory is available at
https://prosody.im/security/advisory_20180531

Compute hashes locally as they are no more available on
https://prosody.im/downloads/source/{MD5,SHA1,SHA256,SHA512}SUMS



Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

parent 305e4487

Hide whitespace changes

Inline Side-by-side

Please register or to comment