Advisories ยป MGASA-2017-0049

Updated jitsi packages fix security vulnerability

Publication date: 18 Feb 2017
Type: security
Affected Mageia releases : 5
CVE: CVE-2017-5603

Description

An incorrect implementation of XEP-0280: Message Carbons in Jitsi and
other XMPP clients allows a remote attacker to impersonate any user,
including contacts, in the vulnerable application's display. This allows
for various kinds of social engineering attacks (CVE-2017-5603).
                

References

SRPMS

5/core