[OpenWrt-Devel] [CC 15.05] prosody: Security update (2 CVEs)
The prosody package has been rebuilt and was uploaded to the Chaos Calmer 15.05 repository due to multiple security issues. VERSION 0.9.8-1 => 0.9.9-1 CHANGELOG [Mon, 25 Jan 2016 13:31:29 +0100 bb23089] fixes: * path traversal vulnerability in mod_http_files (CVE-2016-1231) * use of weak PRNG in generation of dialback secrets (CVE-2016-1232) CHANGES net/prosody/Makefile |4 ++-- net/prosody/patches/010-fix-randomseed.patch | 12 2 files changed, 2 insertions(+), 14 deletions(-) REFERENCES * http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1231 * http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1232 * https://github.com/openwrt/packages/commit/bb23089e84f2cc6030fbf21ed3fb667d31bb3a7b ___ openwrt-devel mailing list openwrt-devel@lists.openwrt.org https://lists.openwrt.org/cgi-bin/mailman/listinfo/openwrt-devel
[OpenWrt-Devel] [CC 15.05] prosody: Security update (2 CVEs)
The prosody package has been rebuilt and was uploaded to the Chaos Calmer 15.05 repository due to multiple security issues. VERSION 0.9.8-1 => 0.9.9-1 CHANGELOG [Mon, 25 Jan 2016 13:31:29 +0100 bb23089] fixes: * path traversal vulnerability in mod_http_files (CVE-2016-1231) * use of weak PRNG in generation of dialback secrets (CVE-2016-1232) CHANGES net/prosody/Makefile |4 ++-- net/prosody/patches/010-fix-randomseed.patch | 12 2 files changed, 2 insertions(+), 14 deletions(-) REFERENCES * http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1231 * http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1232 * https://github.com/openwrt/packages/commit/bb23089e84f2cc6030fbf21ed3fb667d31bb3a7b ___ openwrt-devel mailing list openwrt-devel@lists.openwrt.org https://lists.openwrt.org/cgi-bin/mailman/listinfo/openwrt-devel
