MGASA-2023-0122 - Updated dino packages fix security vulnerability Publication date: 31 Mar 2023 URL: https://advisories.mageia.org/MGASA-2023-0122.html Type: security Affected Mageia releases: 8 CVE: CVE-2023-28686 When a Dino client receives a specifically crafted message from an unauthorized sender, it would use information from that message to add, update or remove entries in the user’s personal bookmark store without requiring further user interaction. (CVE-2023-28686) References: - https://bugs.mageia.org/show_bug.cgi?id=31726 - https://dino.im/security/cve-2023-28686/ - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-28686 SRPMS: - 8/core/dino-0.2.3-1.mga8
Mageia 2023-0122: dino security update
When a Dino client receives a specifically crafted message from an unauthorized sender, it would use information from that message to add, update or remove entries in the userâ€Â...
Summary
When a Dino client receives a specifically crafted message from an
unauthorized sender, it would use information from that message to add,
update or remove entries in the user’s personal bookmark store without
requiring further user interaction. (CVE-2023-28686)
References
- https://bugs.mageia.org/show_bug.cgi?id=31726
- https://dino.im/security/cve-2023-28686/
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-28686
Resolution
MGASA-2023-0122 - Updated dino packages fix security vulnerability
SRPMS
- 8/core/dino-0.2.3-1.mga8
Severity
Publication date: 31 Mar 2023
URL: https://advisories.mageia.org/MGASA-2023-0122.html
Type: security
CVE: CVE-2023-28686
News
HOWTOs
About Us
Powered By
