Information on source package prosody

Available versions

ReleaseVersion
jessie (security)0.9.7-2+deb8u4
stretch (security)0.9.12-2+deb9u2
buster0.10.2-1
sid0.10.2-1

Resolved issues

BugDescription
TEMP-0579087-7F12A8prosody password world-readable
CVE-2018-10847prosody before versions 0.10.2, 0.9.14 is vulnerable to an ...
CVE-2017-18265Prosody before 0.10.0 allows remote attackers to cause a denial of ...
CVE-2016-1232The mod_dialback module in Prosody before 0.9.9 does not properly ...
CVE-2016-1231Directory traversal vulnerability in the HTTP file-serving module ...
CVE-2016-0756The generate_dialback function in the mod_dialback module in Prosody ...
CVE-2014-2745Prosody before 0.9.4 does not properly restrict the processing of ...
CVE-2014-2744plugins/mod_compression.lua in (1) Prosody before 0.9.4 and (2) ...
CVE-2011-2532The json.decode function in util/json.lua in Prosody 0.8.x before ...
CVE-2011-2531Prosody 0.8.x before 0.8.1, when MySQL is used, assigns an incorrect ...
CVE-2011-2205Prosody before 0.8.1 does not properly detect recursion during entity ...

Security announcements

DSA / DLADescription
DSA-4216-1prosody - security update
DSA-4216-1prosody - security update
DSA-4198-1prosody - security update
DSA-3463-1prosody - security update
DSA-3463-1prosody - security update
DLA-407-1prosody - security update
DLA-391-1prosody - security update
DSA-3439-1prosody - security update
DSA-3439-1prosody - security update
DSA-2895-1prosody - security update

Search for package or bug name: Reporting problems