[Buildroot] [PATCH 1/1] prosody: security bump to version 0.10.2

Peter Korsgaard peter at korsgaard.com
Mon Nov 26 16:11:57 UTC 2018


>>>>> "Fabrice" == Fabrice Fontaine <fontaine.fabrice at gmail.com> writes:

 > This fixes a cross-host authentication vulnerability, CVE-2018-10847.
 > The issue affects Prosody instances that have multiple virtual hosts
 > (including anonymous authenticated hosts):
 > https://blog.prosody.im/prosody-0-10-2-security-release

 > A full security advisory is available at
 > https://prosody.im/security/advisory_20180531

 > Compute hashes locally as they are no more available on
 > https://prosody.im/downloads/source/{MD5,SHA1,SHA256,SHA512}SUMS

 > Signed-off-by: Fabrice Fontaine <fontaine.fabrice at gmail.com>

Committed to 2018.08.x, thanks.

2018.02.x is using prosody 0.9.12, so I will instead bump that to
0.9.14.

-- 
Bye, Peter Korsgaard


More information about the buildroot mailing list