Information on source package ejabberd

Available versions

ReleaseVersion
bullseye21.01-2
bookworm23.01-1
trixie23.10-1
sid24.07-2

Resolved issues

BugDescription
TEMP-0000000-F4C8D1ejabberd HTML code injection
CVE-2014-8760ejabberd before 2.1.13 does not enforce the starttls_required setting ...
CVE-2013-6169The TLS driver in ejabberd before 2.1.12 supports (1) SSLv2 and (2) we ...
CVE-2011-4320The mod_pubsub module (mod_pubsub.erl) in ejabberd 2.1.8 and 3.0.0-alp ...
CVE-2011-1753expat_erl.c in ejabberd before 2.1.7 and 3.x before 3.0.0-alpha-3, and ...
CVE-2010-0305ejabberd_c2s.erl in ejabberd before 2.1.3 allows remote attackers to c ...
CVE-2009-0934Cross-site scripting (XSS) vulnerability in ejabberd before 2.0.4 allo ...
CVE-2007-0903Unspecified vulnerability in the mod_roster_odbc module in ejabberd be ...
CVE-2006-2221A third-party installer generation tool, possibly BitRock InstallBuild ...

Security announcements

DSA / DLADescription
DLA-881-1ejabberd - security update
DSA-2775-1ejabberd - insecure SSL usage
DSA-2248-1ejabberd - denial of service
DSA-2033-1ejabberd - denial of service
DSA-1774-1ejabberd - cross-site scripting

Search for package or bug name: Reporting problems