-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Package : mcabber Version : 0.10.2-1+deb8u1 CVE ID : CVE-2016-9928
It was discovered that there was a "roster push attack" in mcabber, a console-based Jabber (XMPP) client. This is identical to CVE-2015-8688
for gajim. For Debian 8 "Jessie", this problem has been fixed in version 0.10.2-1+deb8u1. We recommend that you upgrade your mcabber packages. Further information about Debian LTS security advisories, how to apply these updates to your system and frequently asked questions can be found at: https://wiki.debian.org/LTS -----BEGIN PGP SIGNATURE----- iQKTBAEBCgB9FiEEYgH7/9u94Hgi6ruWlvysDTh7WEcFAl74sQ9fFIAAAAAALgAo aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDYy MDFGQkZGREJCREUwNzgyMkVBQkI5Njk2RkNBQzBEMzg3QjU4NDcACgkQlvysDTh7 WEefNA/+MDJXZUS20VwiLQmjeM4PCJpCE39pM8XQZ3/wguHsMX3zdGSvhW5IQ/pj NRXfbfz3CdXt5Tvx2qCMdaLtuoAOuwjD+79lNb/5nb+XmtZtvnIeZzDUazmf9zln YLz+dZxBuk61HSqJi7bV7vul4pNBWraz2rgTGHvUjz72AUvY9FqYGexLy76oRpgr 0i4/+F7xLwZ+NlpPnCM1804D13m4EWDs8Zcw3Hq6Gide5ZNJrRmnqVBCJ6KiwT6o 4lnVJVlCwMQYbb5nn7HljN+fp0BoLJuNmKEblI9GhlNkcvDmRoq733YP1ulW9Lke ilFIcXIlBECc8cjQBcvGCEs77bjiLEYVIi9e9sLZ+i/yKze9vIN0bLuEVV0IYMZ9 VouiaA3EzWRtuWb59VyTK0997Da0dZwzSNoSMFw190IxSqUVZWMGof6ASVDvGYdY iwcX31YBU5PEIk66LNneSd/ohIxZY4ihqi7c+hK7KobJVMW0csKAF8eIQ+ppqpod qUoY82n4wbyyZ8miqTuo98jP0IUtbkUr1oUJuDiK9CmCoeHpibcl1Xrx87ksXJtx VUdlYYrcqnLMklT8Dk6eInEnwGZ5zI5vIOxxVnwgrTZYzWHLLTsFUOduCSaD1c7P bOSxgwcVClGZv5FFXUCZcI1PqvWd19xiplaoeHbTaF8rJbWSCpU= =h2ko -----END PGP SIGNATURE-----
