Information on source package prosody

Available versions

ReleaseVersion
stretch0.9.12-2+deb9u2
stretch (security)0.9.12-2+deb9u4
buster0.11.2-1+deb10u2
bullseye0.11.9-2
sid0.11.9-2

Open issues

BugstretchbusterbullseyesidDescription
CVE-2021-37601fixedvulnerable (no DSA)fixedfixedmuc.lib.lua in Prosody 0.11.0 through 0.11.9 allows remote attackers t ...
CVE-2021-32920vulnerable (no DSA, ignored)fixedfixedfixedProsody before 0.11.9 allows Uncontrolled CPU Consumption via a flood ...
CVE-2021-32918vulnerable (no DSA, ignored)fixedfixedfixedAn issue was discovered in Prosody before 0.11.9. Default settings are ...

Resolved issues

BugDescription
TEMP-0579087-7F12A8prosody password world-readable
CVE-2021-32921An issue was discovered in Prosody before 0.11.9. It does not use a co ...
CVE-2021-32919An issue was discovered in Prosody before 0.11.9. The undocumented dia ...
CVE-2021-32917An issue was discovered in Prosody before 0.11.9. The proxy65 componen ...
CVE-2018-10847prosody before versions 0.10.2, 0.9.14 is vulnerable to an Authenticat ...
CVE-2017-18265Prosody before 0.10.0 allows remote attackers to cause a denial of ser ...
CVE-2016-1232The mod_dialback module in Prosody before 0.9.9 does not properly gene ...
CVE-2016-1231Directory traversal vulnerability in the HTTP file-serving module (mod ...
CVE-2016-0756The generate_dialback function in the mod_dialback module in Prosody b ...
CVE-2014-2745Prosody before 0.9.4 does not properly restrict the processing of comp ...
CVE-2014-2744plugins/mod_compression.lua in (1) Prosody before 0.9.4 and (2) Lightw ...
CVE-2011-2532The json.decode function in util/json.lua in Prosody 0.8.x before 0.8. ...
CVE-2011-2531Prosody 0.8.x before 0.8.1, when MySQL is used, assigns an incorrect d ...
CVE-2011-2205Prosody before 0.8.1 does not properly detect recursion during entity ...

Security announcements

DSA / DLADescription
DLA-2687-2prosody - regression update
DLA-2687-1prosody - security update
DSA-4916-2prosody - regression update
DSA-4916-1prosody - security update
DSA-4216-1prosody - security update
DSA-4198-1prosody - security update
DSA-3463-1prosody - security update
DLA-407-1prosody - security update
DLA-391-1prosody - security update
DSA-3439-1prosody - security update
DSA-2895-1prosody - security update

Search for package or bug name: Reporting problems