Bug#747673: Horrid default cipher settings without option to adjust them to sane values

2014-06-03 Thread Vincent Riquer
Package: ejabberd
Version: 2.1.11-1
Followup-For: Bug #747673

Upstream added a configuration option to change allowed ciphers: https://github.com/processone/ejabberd/commit/1dd94ac0d06822daa8c394ea2da20d91c8209124

Bug#747673: Horrid default cipher settings without option to adjust them to sane values

2014-05-21 Thread Philipp Huebner
Hi, ejabberd 2.1.11-1 is pretty much useless by now, look at the RC bugs #746029 and #746073. Nevertheless I would like to know how you retrieved this information and if it still applies to 14.05. If so I will forward it to upstream, although you're welcome to do it yourself at

Bug#747673: Horrid default cipher settings without option to adjust them to sane values

2014-05-10 Thread Benny Baumann
Package: ejabberd
Version: 2.1.11-1
Severity: grave
Tags: security

When setting up ejabberd with a default configuration it allows only connections with a weak SSL configuration - if this is even configured:

1. By default ejabberd allows SSLv3 which is broken in various ways and thus should