Package: mcabber / 1.1.0-1.1

Metadata

Package Version Patches format
mcabber 1.1.0-1.1 3.0 (quilt)

Patch series

view the series file
Patch File delta Description
spelling_manpage | (download)

doc/mcabber.1 | 2 1 + 1 - 0 !
1 file changed, 1 insertion(+), 1 deletion(-)

---
CVE 2017 5604.patch | (download)

mcabber/xmpp.c | 9 9 + 0 - 0 !
1 file changed, 9 insertions(+)

 cve-2017-5604

An incorrect implementation of XEP-0280: Message Carbons in mcabber allows a
remote attacker to impersonate any user, including contacts, in the vulnerable
application's display. This allows for various kinds of social engineering
attacks.

Bug-Debian: https://bugs.debian.org/854738