Updated ejabberd packages fix security vulnerability
Publication date: 23 Oct 2014Modification date: 23 Oct 2014
Type: security
Affected Mageia releases : 3 , 4
CVE: CVE-2014-8760
Description
A flaw was discovered in ejabberd that allows clients to connect with an unencrypted connection even if starttls_required is set (CVE-2014-8760).
References
SRPMS
3/core
- ejabberd-2.1.13-1.1.mga3
4/core
- ejabberd-2.1.13-3.1.mga4