Format: 1.8
Date: Sun, 30 Jan 2022 14:55:34 +0000
Source: prosody
Architecture: source
Version: 0.11.4-1ubuntu0.1~jdstrand1
Distribution: focal
Urgency: medium
Maintainer: Ubuntu Developers <ubuntu-devel-discuss@lists.ubuntu.com>
Changed-By: Jamie Strandboge <jdstrand@ubuntu.com>
Changes:
 prosody (0.11.4-1ubuntu0.1~jdstrand1) focal; urgency=medium
 .
   * SECURITY UPDATE: mod_proxy65: Restrict access to local c2s connections by
     default. Patch thanks to Debian
     - 0006-CVE-2021-32917.patch
   * SECURITY UPDATE: adjust default settings to impose limits to guard against
     unauthenticated DoS. Patch thanks to Debian
     - 0007-CVE-2021-32918.patch
   * SECURITY UPDATE: mod_dialback: Use correct host for certificate check.
     Patch thanks to Debian
     - 0008-CVE-2021-32919.patch
   * SECURITY UPDATE: disable SSL/TLS renegotiation be default. Patch thanks to
     Debian
     - 0009-CVE-2021-32920.patch
   * SECURITY UPDATE: Add and use constant-time string comparison (binding to
     CRYPTO_memcmp). Patch thanks to Debian
     - 0010-CVE-2021-32921.patch
   * SECURITY UPDATE: don't expose entity lists to non chat members
     - 0011-CVE-2021-37601.patch
   * SECURITY UPDATE: restrict XML features allowed in parsed XML data. Patch
     thanks to Debian
     - 0012-CVE-2022-0217.patch
   * 0013-CVE-2022-0217-fix-memory-leak.patch: fix memory leak introduced in
     0012-CVE-2022-0217.patch. Patch thanks to Debian.
Checksums-Sha1:
 cda1e9f73a4baf4b9e843edc38d615f1d9238d4e 2288 prosody_0.11.4-1ubuntu0.1~jdstrand1.dsc
 f80bf3661e667dcb3dc3310fd7b1aa9dc15b77b2 38664 prosody_0.11.4-1ubuntu0.1~jdstrand1.debian.tar.xz
 0d63585bad22b144172efc1804a0ab4aac5f5cf4 6939 prosody_0.11.4-1ubuntu0.1~jdstrand1_source.buildinfo
Checksums-Sha256:
 9dafba0d632c577d3695e31d01301917fb42d0d505e33911b6fc7b75fb1eeaad 2288 prosody_0.11.4-1ubuntu0.1~jdstrand1.dsc
 6722c3836f69d79b44d1310ba13a7d5b932945e34a6d00a971dca4df397bbc34 38664 prosody_0.11.4-1ubuntu0.1~jdstrand1.debian.tar.xz
 0df19c61119e564ea4b6b0ef2e72fed26d7bb57b990744085283d9f7d0200cc7 6939 prosody_0.11.4-1ubuntu0.1~jdstrand1_source.buildinfo
Files:
 dd0ecd6a2cb552b54c0f11e6160775de 2288 net optional prosody_0.11.4-1ubuntu0.1~jdstrand1.dsc
 0ee0f1d265f6d6fb31d190b8016c267d 38664 net optional prosody_0.11.4-1ubuntu0.1~jdstrand1.debian.tar.xz
 80ccde2147afba630ea3f1265088d965 6939 net optional prosody_0.11.4-1ubuntu0.1~jdstrand1_source.buildinfo
Original-Maintainer: Debian XMPP Maintainers <pkg-xmpp-devel@lists.alioth.debian.org>