MGASA-2016-0433

See a problem?
Please try reporting it to the source first.

Source

https://advisories.mageia.org/MGASA-2016-0433.html

Import Source

https://advisories.mageia.org/MGASA-2016-0433.json

JSON Data

https://api.osv.dev/v1/vulns/MGASA-2016-0433

Related

CVE-2016-9928

Published

2016-12-30T22:22:42Z

Modified

2016-12-30T22:13:09Z

Summary

Updated mcabber packages fix security vulnerability

Details

It was discovered that there was a "roster push attack" vulnerability in mcabber, a console-based Jabber (XMPP) client. A remote attacker can modify the roster and intercept messages via a crafted roster-push IQ stanza (CVE-2016-9928).

References

Credits

- Mageia - COORDINATOR
- - https://wiki.mageia.org/en/Packages_Security_Team

Affected packages

Mageia:5 / mcabber

Package

Name: mcabber
Purl: pkg:rpm/mageia/mcabber?distro=mageia-5

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

0.10.1-9.1.mga5

Ecosystem specific

{
    "section": "core"
}