5 matches found
CVE-2019-16237
Dino before 2019-09-10 does not properly check the source of an MAM message in module/xep/0313messagearchivemanagement.vala...
Fedora 31 : dino (2019-2555c77f63)
Update dino to a96c8014, which addresses three CVEs. CVE-2019-16235 ============== Dino did not properly check the source of message carbons. https://nvd.nist.gov/vuln/detail/CVE-2019-16235 Fixed in https://github.com/dino/dino/commit/e84f2c49567e86d2a261ea264d65c4adc5 49c930 CVE-2019-16236...
Fedora 29 : dino (2019-0eb6d51f81)
Update dino to a96c8014, which addresses three CVEs. CVE-2019-16235 ============== Dino did not properly check the source of message carbons. https://nvd.nist.gov/vuln/detail/CVE-2019-16235 Fixed in https://github.com/dino/dino/commit/e84f2c49567e86d2a261ea264d65c4adc5 49c930 CVE-2019-16236...
Fedora 30 : dino (2019-3d3bb765ca)
Update dino to a96c8014, which addresses three CVEs. CVE-2019-16235 ============== Dino did not properly check the source of message carbons. https://nvd.nist.gov/vuln/detail/CVE-2019-16235 Fixed in https://github.com/dino/dino/commit/e84f2c49567e86d2a261ea264d65c4adc5 49c930 CVE-2019-16236...
CVE-2019-16237
CVE-2019-16237 affects the Dino XMPP client prior to the 2019-09-10 release. The issue arises because Dino did not properly validate the source of MAM messages (module/xep/0313_message_archive_management.vala). This could allow an attacker to obtain, inject, or remove sensitive information. Fedor...