Information on source package ejabberd

Available versions

ReleaseVersion
jessie14.07-4+deb8u3
stretch16.09-4
buster18.06-1
sid18.09-1

Resolved issues

BugDescription
TEMP-0000000-F4C8D1ejabberd HTML code injection
CVE-2014-8760ejabberd before 2.1.13 does not enforce the starttls_required setting ...
CVE-2013-6169The TLS driver in ejabberd before 2.1.12 supports (1) SSLv2 and (2) ...
CVE-2011-4320The mod_pubsub module (mod_pubsub.erl) in ejabberd 2.1.8 and ...
CVE-2011-1753expat_erl.c in ejabberd before 2.1.7 and 3.x before 3.0.0-alpha-3, and ...
CVE-2010-0305ejabberd_c2s.erl in ejabberd before 2.1.3 allows remote attackers to ...
CVE-2009-0934Cross-site scripting (XSS) vulnerability in ejabberd before 2.0.4 ...
CVE-2007-0903Unspecified vulnerability in the mod_roster_odbc module in ejabberd ...
CVE-2006-2221A third-party installer generation tool, possibly BitRock ...

Security announcements

DSA / DLADescription
DLA-881-1ejabberd - security update
DSA-2775-1ejabberd - insecure SSL usage
DSA-2775-1ejabberd - insecure SSL usage
DSA-2248-1ejabberd - denial of service
DSA-2248-1ejabberd - denial of service
DSA-2033-1ejabberd - denial of service
DSA-1774-1ejabberd - cross-site scripting

Search for package or bug name: Reporting problems