Login
Newsletter
Werbung

Sicherheit: Mangelnde Prüfung von Zertifikaten in smack
Aktuelle Meldungen Distributionen
Name: Mangelnde Prüfung von Zertifikaten in smack
ID: FEDORA-2014-16383
Distribution: Fedora
Plattformen: Fedora 20
Datum: Mo, 15. Dezember 2014, 07:39
Referenzen: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0363
Applikationen: smack

Originalnachricht

Name        : smack
Product : Fedora 20
Version : 3.2.2
Release : 6.fc20
URL : http://www.igniterealtime.org/projects/smack/index.jsp
Summary : Open Source XMPP (Jabber) client library
Description :
Smack is an Open Source XMPP (Jabber) client library for instant
messaging and presence. A pure Java library, it can be embedded
into your applications to create anything from a full XMPP client
to simple XMPP integrations such as sending notification messages and
presence-enabling devices.

-------------------------------------------------------------------------------
-
Update Information:

fix for CVE-2014-0363 (rhbz#1093274)
-------------------------------------------------------------------------------
-
ChangeLog:

* Thu Dec 4 2014 gil cattaneo <puntogil@libero.it> 3.2.2-6
- fix for CVE-2014-0363 (rhbz#1093274)
- remove jzlib systemPath in smackx pom
* Thu Aug 21 2014 gil cattaneo <puntogil@libero.it> 3.2.2-5
- fix for CVE-2014-5075 (rhbz#1127277)
-------------------------------------------------------------------------------
-
References:

[ 1 ] Bug #1093273 - CVE-2014-0363 smack: incorrect X.509 certificate
validation
https://bugzilla.redhat.com/show_bug.cgi?id=1093273
-------------------------------------------------------------------------------
-

This update can be installed with the "yum" update program. Use
su -c 'yum update smack' at the command line.
For more information, refer to "Managing Software with yum",
available at http://docs.fedoraproject.org/yum/.

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
-------------------------------------------------------------------------------
-
_______________________________________________
package-announce mailing list
package-announce@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/package-announce
Pro-Linux
Traut euch!
Neue Nachrichten
Werbung