Ubuntu
mcabber package

Change logs for mcabber source package in Artful

  1. Artful (17.10)
  2. Change log 
  • mcabber (1.0.4-1.1) unstable; urgency=medium

  * Non-maintainer upload.
  * Fix CVE-2017-5604:
    An incorrect implementation of XEP-0280: Message Carbons in mcabber allows
    a remote attacker to impersonate any user, including contacts, in the
    vulnerable application's display. This allows for various kinds of social
    engineering attacks. (Closes: #854738)

 -- Markus Koschany <email address hidden>  Sun, 26 Feb 2017 18:42:08 +0100
  • mcabber (1.0.4-1) unstable; urgency=medium

  * New upstream version which fixes roster push attacks (CVE-2016-9928,
    closes: #845258)

 -- Franziska Lichtblau <email address hidden>  Tue, 20 Dec 2016 13:50:12 +0100