** Branch linked: lp:ubuntu/maverick-updates/ejabberd
** Branch linked: lp:ubuntu/lucid-security/ejabberd
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/791730
Title:
CVE-2011-1753: billion laughs
natty fixed in 2.1.5-3+squeeze1build0.11.04.1
** Changed in: ejabberd (Ubuntu Natty)
Status: Triaged = Fix Released
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/791730
Title:
debdiff for lucid
** Patch added: ejabberd_2.1.2-2ubuntu0.1.debdiff
https://bugs.launchpad.net/ubuntu/natty/+source/ejabberd/+bug/791730/+attachment/2171200/+files/ejabberd_2.1.2-2ubuntu0.1.debdiff
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is
debdiff for maverick
** Patch added: ejabberd_2.1.5-2ubuntu0.1.debdiff
https://bugs.launchpad.net/ubuntu/natty/+source/ejabberd/+bug/791730/+attachment/2171201/+files/ejabberd_2.1.5-2ubuntu0.1.debdiff
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is
Thanks for the debdiffs, ACK.
Package are being built now, and will be released in the next few hours.
Thanks!
** Changed in: ejabberd (Ubuntu Lucid)
Status: Triaged = Fix Committed
** Changed in: ejabberd (Ubuntu Maverick)
Status: Triaged = Fix Committed
--
You received this
This bug was fixed in the package ejabberd - 2.1.5-2ubuntu0.1
---
ejabberd (2.1.5-2ubuntu0.1) maverick-security; urgency=low
* SECURITY UPDATE: billion laughs DoS vulnerability (LP: #791730)
- debian/patches/CVE-2011-1753.patch: patch from upstream
- CVE-2011-1753
-- Felix
This bug was fixed in the package ejabberd - 2.1.2-2ubuntu0.1
---
ejabberd (2.1.2-2ubuntu0.1) lucid-security; urgency=low
* SECURITY UPDATE: billion laughs DoS vulnerability (LP: #791730)
- debian/patches/CVE-2011-1753.patch: patch from upstream
- CVE-2011-1753
-- Felix
Thanks for taking the time to report this bug and helping to make Ubuntu
better. Since the package referred to in this bug is in universe or
multiverse, it is community maintained. If you are able, I suggest
posting a debdiff for this issue. When a debdiff is available, members
of the security
Oneiric is fixed via 2.1.6-2.1.
** Changed in: ejabberd (Ubuntu Oneiric)
Status: Triaged = Fix Released
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/791730
Title:
CVE-2011-1753: billion
** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2011-1753
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/791730
Title:
CVE-2011-1753: billion laughs DoS vulnerability
--
Upstream bug report: https://support.process-one.net/browse/EJAB-1451
Upstream fix:
https://git.process-one.net/ejabberd/mainline/commit/bd1df027c622e1f96f9eeaac612a6a956c1ff0b6
The bug report states that all ejabberd versions before 2.1.7 are
affected.
--
You received this bug notification
** Also affects: ejabberd (Ubuntu Hardy)
Importance: Undecided
Status: New
** Also affects: ejabberd (Ubuntu Lucid)
Importance: Undecided
Status: New
** Also affects: ejabberd (Ubuntu Oneiric)
Importance: Undecided
Status: New
** Also affects: ejabberd (Ubuntu
12 matches
Mail list logo