Thanks for taking the time to report this bug and helping to make Ubuntu
better. Since the package referred to in this bug is in universe or
multiverse, it is community maintained. If you are able, I suggest
coordinating with upstream and posting a debdiff for this issue. When a
debdiff is available, members of the security team will review it and
publish the package. See the following link for more information:
https://wiki.ubuntu.com/SecurityTeam/UpdateProcedures
** Changed in: jabberd2
Status: New => Incomplete
** Changed in: jabberd2 (Ubuntu)
Status: New => Incomplete
** Also affects: jabberd2 (Ubuntu Trusty)
Importance: Undecided
Status: New
** Also affects: jabberd2 (Ubuntu Xenial)
Importance: Undecided
Status: New
** Changed in: jabberd2 (Ubuntu)
Status: Incomplete => Fix Released
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1747893
Title:
jabberd2 before 2.6.1 allows anyone to authenticate using SASL
ANONYMOUS, even when the sasl.anonymous c2s.xml option is not enabled
To manage notifications about this bug go to:
https://bugs.launchpad.net/jabberd2/+bug/1747893/+subscriptions
--
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
