* Cherry pick upstream security fixes (LP: #1866113)
- SECURITY UPDATE: Fix check of source of a carbons message (CVE-2019-16235)
- SECURITY UPDATE: Check roster push authorization (CVE-2019-16236)
- SECURITY UPDATE: Fix check of source of MAM message (CVE-2019-16237)
* Accept IV sizes of 12 in addition to 16 to enable reading messages
sent from clients using 12-byte IVs again (LP: #1866115)
-- Julian Andres Klode <email address hidden> Wed, 04 Mar 2020 15:20:07 +0100
This bug was fixed in the package dino-im - 0.0.git20180130 -1ubuntu0. 1
--------------- 0-1ubuntu0. 1) bionic-security; urgency=high
dino-im (0.0.git2018013
* Cherry pick upstream security fixes (LP: #1866113)
- SECURITY UPDATE: Fix check of source of a carbons message (CVE-2019-16235)
- SECURITY UPDATE: Check roster push authorization (CVE-2019-16236)
- SECURITY UPDATE: Fix check of source of MAM message (CVE-2019-16237)
* Accept IV sizes of 12 in addition to 16 to enable reading messages
sent from clients using 12-byte IVs again (LP: #1866115)
-- Julian Andres Klode <email address hidden> Wed, 04 Mar 2020 15:20:07 +0100