Login
Newsletter
Werbung

Sicherheit: Mangelnde Prüfung von Zertifikaten in smack
Aktuelle Meldungen Distributionen
Name: Mangelnde Prüfung von Zertifikaten in smack
ID: FEDORA-2014-16312
Distribution: Fedora
Plattformen: Fedora 21
Datum: Sa, 13. Dezember 2014, 10:45
Referenzen: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0363
Applikationen: smack

Originalnachricht

Name        : smack
Product : Fedora 21
Version : 3.2.2
Release : 8.fc21
URL : http://www.igniterealtime.org/projects/smack/index.jsp
Summary : Open Source XMPP (Jabber) client library
Description :
Smack is an Open Source XMPP (Jabber) client library for instant
messaging and presence. A pure Java library, it can be embedded
into your applications to create anything from a full XMPP client
to simple XMPP integrations such as sending notification messages and
presence-enabling devices.

-------------------------------------------------------------------------------
-
Update Information:

fix for CVE-2014-0363 (rhbz#1093274)
-------------------------------------------------------------------------------
-
ChangeLog:

* Thu Dec 4 2014 gil cattaneo <puntogil@libero.it> 3.2.2-8
- fix for CVE-2014-0363 (rhbz#1093274)
- remove jzlib systemPath in smackx pom
-------------------------------------------------------------------------------
-
References:

[ 1 ] Bug #1093273 - CVE-2014-0363 smack: incorrect X.509 certificate
validation
https://bugzilla.redhat.com/show_bug.cgi?id=1093273
-------------------------------------------------------------------------------
-

This update can be installed with the "yum" update program. Use
su -c 'yum update smack' at the command line.
For more information, refer to "Managing Software with yum",
available at http://docs.fedoraproject.org/yum/.

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
-------------------------------------------------------------------------------
-
_______________________________________________
package-announce mailing list
package-announce@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/package-announce
Pro-Linux
Traut euch!
Neue Nachrichten
Werbung