13 matches found
EUVD-2016-1558
Malware in sbrugna...
Debian: Security Advisory (DLA-967-1)
The remote host is missing an update for the Debian...
Debian DSA-3943-1 : gajim - security update
Gajim, a GTK+-based XMPP/Jabber client, unconditionally implements the 'XEP-0146: Remote Controlling Clients' extension, allowing a malicious XMPP server to trigger commands to leak private conversations from encrypted sessions. With this update XEP-0146 support has been disabled by default and...
[SECURITY] [DSA 3943-1] gajim security update
Debian Security Advisory DSA-3943-1 https://www.debian.org/security/ Salvatore Bonaccorso August 14, 2017 https://www.debian.org/security/faq...
Fedora 26 : gajim (2017-e6deec5bd0)
Gajim 0.16.8 - Fix rejoining MUCs after connection loss - Fix Groupchat invites - Fix encoding problems with newer GnuPG versions - Fix old messages randomly reappearing in the chat window - Fix some problems with IBB filetransfer - Make XEP-0146 Commands opt-in - Improve sending messages to your...
GLSA-201707-14 : Gajim: Information disclosure
The remote host is affected by the vulnerability described in GLSA-201707-14 Gajim: Information disclosure Gajim unconditionally implements the XEP-0146: Remote Controlling Clients extension. Impact : Remote attackers, by enticing a user to connect to a malicious XMPP server, could extract...
Fedora 24 : gajim (2017-62547837ba)
Gajim 0.16.8 - Fix rejoining MUCs after connection loss - Fix Groupchat invites - Fix encoding problems with newer GnuPG versions - Fix old messages randomly reappearing in the chat window - Fix some problems with IBB filetransfer - Make XEP-0146 Commands opt-in - Improve sending messages to your...
Updated gajim packages fix security vulnerability
Gajim unconditionally implements the "XEP-0146: Remote Controlling Clients" extension, which may be abused by malicious XMPP servers to, for example, extract plaintext from OTR encrypted sessions (CVE-2016-10376)...
Debian DLA-967-1 : gajim security update
Gajim implements XEP-0146, an XMPP extension to run commands remotely from another client. However it was found that malicious servers can trigger commands, which could lead to leaking private conversations from encrypted sessions. To solve this, XEP-0146 support has been disabled by default. For...
[SECURITY] [DLA 967-1] gajim security update
Package: gajim; Version: 0.15.1-4.1+deb7u3; CVE ID: CVE-2016-10376; Debian Bug: 863445. Gajim implements XEP-0146, an XMPP extension to run commands remotely from another client. However it was found that malicious servers can trigger commands, which could lead to leaking private conversations fr...
Code injection
Gajim through 0.16.7 unconditionally implements the "XEP-0146: Remote Controlling Clients" extension. This can be abused by malicious XMPP servers to, for example, extract plaintext from OTR encrypted sessions...
CVE-2016-10376
Gajim through 0.16.7 unconditionally implements the "XEP-0146: Remote Controlling Clients" extension. This can be abused by malicious XMPP servers to, for example, extract plaintext from OTR encrypted sessions...
CVE-2016-10376
Gajim (XMPP client) up to version 0.16.7 unconditionally implements XEP-0146: Remote Controlling Clients, allowing a malicious XMPP server to trigger actions and potentially leak plaintext from OTR sessions. Public advisories (Debian, Gentoo, Fedora) note this behavior and provide patches/mitigat...