========================================================================== Ubuntu Security Notice USN-4306-1 March 17, 2020
dino-im vulnerabilities ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 18.04 LTS Summary: Several security issues were fixed in dino-im. Software Description: - dino-im: modern XMPP client Details: It was discovered that Dino incorrectly validated inputs. An attacker could use this issue to possibly obtain, inject or remove sensitive information. This update also includes a fix to the encryption implementation in Dino to support 12 byte IVs, in addition to 16 byte IVs. Update instructions: The problem can be corrected by updating your system to the following package versions: Ubuntu 18.04 LTS: dino-im 0.0.git20180130-1ubuntu0.1 dino-im-common 0.0.git20180130-1ubuntu0.1 In general, a standard system update will make all the necessary changes. References: https://usn.ubuntu.com/4306-1 CVE-2019-16235, CVE-2019-16236, CVE-2019-16237, https://bugs.launchpad.net/bugs/1866115 Package Information: https://launchpad.net/ubuntu/+source/dino-im/0.0.git20180130-1ubuntu0.1
signature.asc
Description: PGP signature
-- ubuntu-security-announce mailing list [email protected] Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-security-announce
