Updated jitsi packages fix security vulnerability
Publication date: 18 Feb 2017Modification date: 18 Feb 2017
Type: security
Affected Mageia releases : 5
CVE: CVE-2017-5603
Description
An incorrect implementation of XEP-0280: Message Carbons in Jitsi and other XMPP clients allows a remote attacker to impersonate any user, including contacts, in the vulnerable application's display. This allows for various kinds of social engineering attacks (CVE-2017-5603).
References
SRPMS
5/core
- jitsi-2.6-1.1.mga5