[Bug 1532943] Re: CVE-2016-1231 and CVE-2016-1232

Launchpad Bug Tracker Tue, 12 Jan 2016 19:26:52 -0800

This bug was fixed in the package prosody - 0.9.8-1ubuntu0.1

---------------
prosody (0.9.8-1ubuntu0.1) wily-security; urgency=medium


  * SECURITY UPDATE: path traversal vulnerability in mod_http_files
    - debian/patches/0008-CVE-2016-1231.patch
    - CVE-2016-1231
    - LP: #1532943
  * SECURITY UPDATE: use of weak PRNG in generation of dialback secrets
    - debian/patches/0009-CVE-2016-1232.patch
    - CVE-2016-1232
    - LP: #1532943

 -- Felix Geyer <de...@ubuntu.com>  Mon, 11 Jan 2016 20:55:43 +0100

** Changed in: prosody (Ubuntu)
       Status: In Progress => Fix Released

** Changed in: prosody (Ubuntu)
       Status: In Progress => Fix Released

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1532943

Title:
  CVE-2016-1231 and CVE-2016-1232

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/prosody/+bug/1532943/+subscriptions

-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 1532943] Re: CVE-2016-1231 and CVE-2016-1232

Reply via email to