https://bugzilla.redhat.com/show_bug.cgi?id=1153839
Bug ID: 1153839
Summary: CVE-2014-8760 ejabberd: clients can unexpectedly
connect without encryption
Product: Security Response
Component: vulnerability
Keywords: Security
Severity: medium
Priority: medium
Assignee: security-response-team(a)redhat.com
Reporter: mmcallis(a)redhat.com
CC: erlang(a)lists.fedoraproject.org,
extras-orphan(a)fedoraproject.org, jkaluza(a)redhat.com,
lemenkov(a)gmail.com, martin(a)laptop.org,
mmahut(a)redhat.com
It was reported that clients could unexpectedly connect without encryption:
http://mail.jabber.org/pipermail/operators/2014-October/002438.html
Upstream fix (master):
https://github.com/processone/ejabberd/commit/7bdc1151b
References:
http://seclists.org/oss-sec/2014/q4/312
--
You are receiving this mail because:
You are on the CC list for the bug.