Stay Secure with the Latest Linux Advisories

security advisoryFedoraopen source

Fedora 23: Jabberd Security Advisory for Dialback PRNG Fix

fixes "Dialback secrets are generated using a non-cryptographically secure PRNG". -------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2016-ba6fd98830 2016-02-29 02:06:34.731967 -------------------------------------------------------------------------------- Name : jabberd Product : Fedora 23 Version : 2.3.3 Release : 7.fc23 URL : https://jabberd2.org/ Summary : OpenSource server implementation of the Jabber protocols Description : The jabberd project aims to provide an open-source server implementation of the Jabber protocols for instant messaging and XML routing. The goal of this project is to provide a scalable, reliable, efficient and extensible server that provides a complete set of features and is up to date with the latest protocol revisions. jabberd2 is the next generation of the jabberd server. It has been rewritten from the ground up to be scalable, architecturally sound, and to support the latest protocol extensions coming out of the JSF. This package defaults to use pam and sqlite. -------------------------------------------------------------------------------- Update Information: fixes "Dialback secrets are generated using a non-cryptographically secure PRNG" -------------------------------------------------------------------------------- This update can be installed with the "yum" update program. Use su -c 'yum update jabberd' at the command line. For more information, refer to "Managing Software with yum", available at . All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/security/ -------------------------------------------------------------------------------- _______________________________________________ package-announce mailing list This email address is being protected from spambots. You need JavaScript enabled to view it. https://lists.fedoraproject.org/admin/lists/package-announce.lists.fedoraproject.org/ . Debian 9 updates prosody torectify weak random number generator for authentication tokens, enhancing overall security measures.. Jabberd Update,Fedora 23 Security,PRNG Fix,Open Source Messaging,Jabber Protocol Improvements. . Severity: Critical. LinuxSecurity.com Team

Feb 29, 2016 •Critical Fedora