FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

prosody -- user impersonation vulnerability

Affected packages
prosody < 0.9.10

Details

VuXML ID 50394bc9-c5fa-11e5-96a5-d93b343d1ff7
Discovery 2016-01-27
Entry 2016-01-28

The Prosody team reports:

Adopt key generation algorithm from XEP-0185, to prevent impersonation attacks (CVE-2016-0756)

References

CVE Name CVE-2016-0756
FreeBSD PR ports/206707
URL https://prosody.im/security/advisory_20160127/