Comment 2 for bug 1866115

This bug was fixed in the package dino-im - 0.0.git20180130-1ubuntu0.1

---------------
dino-im (0.0.git20180130-1ubuntu0.1) bionic-security; urgency=high

  * Cherry pick upstream security fixes (LP: #1866113)
    - SECURITY UPDATE: Fix check of source of a carbons message (CVE-2019-16235)
    - SECURITY UPDATE: Check roster push authorization (CVE-2019-16236)
    - SECURITY UPDATE: Fix check of source of MAM message (CVE-2019-16237)
  * Accept IV sizes of 12 in addition to 16 to enable reading messages
    sent from clients using 12-byte IVs again (LP: #1866115)

 -- Julian Andres Klode <email address hidden> Wed, 04 Mar 2020 15:20:07 +0100