Alerts This Week
Warning Icon 1 714
Alerts This Week
Warning Icon 1 714

Fedora 23: Jabberd Security Advisory for Dialback PRNG Fix

fedora
Calendar Grey February 29, 2016
Dist Fedora Esm H88
Debian 9 updates prosody to rectify weak random number generator for authentication tokens, enhancing overall security measures.
fixes "Dialback secrets are generated using a non-cryptographically secure PRNG"

Summary

The jabberd project aims to provide an open-source server implementation of

the Jabber protocols for instant messaging and XML routing. The goal of this

project is to provide a scalable, reliable, efficient and extensible server

that provides a complete set of features and is up to date with the latest

protocol revisions.

jabberd2 is the next generation of the jabberd server. It has been

rewritten from the ground up to be scalable, architecturally sound, and to

support the latest protocol extensions coming out of the JSF.

This package defaults to use pam and sqlite.

Update Information:

fixes "Dialback secrets are generated using a non-cryptographically secure PRNG"

Topics%20covered

Topics Covered

security advisory Fedora open source instant messaging jabberd PRNG fix dialback

Change Log

References

Fedora Update Notification FEDORA-2016-ba6fd98830 2016-02-29 02:06:34.731967
Name : jabberd Product : Fedora 23 Version : 2.3.3 Release : 7.fc23 URL : https://jabberd2.org/ Summary : OpenSource server implementation of the Jabber protocols Description : The jabberd project aims to provide an open-source server implementation of the Jabber protocols for instant messaging and XML routing. The goal of this project is to provide a scalable, reliable, efficient and extensible server that provides a complete set of features and is up to date with the latest protocol revisions.
jabberd2 is the next generation of the jabberd server. It has been rewritten from the ground up to be scalable, architecturally sound, and to support the latest protocol extensions coming out of the JSF.
This package defaults to use pam and sqlite.

Update Instructions

This update can be installed with the "yum" update program. Use su -c 'yum update jabberd' at the command line. For more information, refer to "Managing Software with yum", available at .

Severity
critical
Lowest
Low
Medium
High
Critical

Name: jabberd
Product: Fedora 23
Version: 2.3.3
Release: 7.fc23
URL: https://jabberd2.org/
Summary: OpenSource server implementation of the Jabber protocols

Topics%20covered

Topics Covered

security advisory Fedora open source instant messaging jabberd PRNG fix dialback

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here