This bug was fixed in the package dino-im - 0.0.git20180130-1ubuntu0.1
---------------
dino-im (0.0.git20180130-1ubuntu0.1) bionic-security; urgency=high
* Cherry pick upstream security fixes (LP: #1866113)
- SECURITY UPDATE: Fix check of source of a carbons message (CVE-2019-16235)
- SECURITY UPDATE: Check roster push authorization (CVE-2019-16236)
- SECURITY UPDATE: Fix check of source of MAM message (CVE-2019-16237)
* Accept IV sizes of 12 in addition to 16 to enable reading messages
sent from clients using 12-byte IVs again (LP: #1866115)
-- Julian Andres Klode <[email protected]> Wed, 04 Mar 2020 15:20:07
+0100
** Changed in: dino-im (Ubuntu Bionic)
Status: In Progress => Fix Released
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1866113
Title:
CVE-2019-16235, CVE-2019-16236, CVE-2019-16237
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/dino-im/+bug/1866113/+subscriptions
--
ubuntu-bugs mailing list
[email protected]
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
