Mageia 2023-0122: dino security update | LinuxSecurity.com
MGASA-2023-0122 - Updated dino packages fix security vulnerability

Publication date: 31 Mar 2023
URL: https://advisories.mageia.org/MGASA-2023-0122.html
Type: security
Affected Mageia releases: 8
CVE: CVE-2023-28686

When a Dino client receives a specifically crafted message from an
unauthorized sender, it would use information from that message to add,
update or remove entries in the user’s personal bookmark store without
requiring further user interaction. (CVE-2023-28686)

References:
- https://bugs.mageia.org/show_bug.cgi?id=31726
- https://dino.im/security/cve-2023-28686/
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-28686

SRPMS:
- 8/core/dino-0.2.3-1.mga8

Mageia 2023-0122: dino security update

When a Dino client receives a specifically crafted message from an unauthorized sender, it would use information from that message to add, update or remove entries in the userâ€...

Summary

When a Dino client receives a specifically crafted message from an unauthorized sender, it would use information from that message to add, update or remove entries in the user’s personal bookmark store without requiring further user interaction. (CVE-2023-28686)

References

- https://bugs.mageia.org/show_bug.cgi?id=31726

- https://dino.im/security/cve-2023-28686/

- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-28686

Resolution

MGASA-2023-0122 - Updated dino packages fix security vulnerability

SRPMS

- 8/core/dino-0.2.3-1.mga8

Severity
Publication date: 31 Mar 2023
URL: https://advisories.mageia.org/MGASA-2023-0122.html
Type: security
CVE: CVE-2023-28686

We use cookies to provide and improve our services. By using our site, you consent to our Cookie Policy.