Advisories ยป MGASA-2016-0046

Updated gajim packages fix security vulnerability

Publication date: 05 Feb 2016
Type: security
Affected Mageia releases : 5
CVE: CVE-2015-8688

Description

Gajim before 0.16.5 doesn't verify the origin of roster pushes thus
allowing third parties to modify the roster via a man-in-the-middle attack
(CVE-2015-8688).
                

References

SRPMS

5/core