0b95043495
This fixes a cross-host authentication vulnerability, CVE-2018-10847. The issue affects Prosody instances that have multiple virtual hosts (including anonymous authenticated hosts): https://blog.prosody.im/prosody-0-10-2-security-release A full security advisory is available at https://prosody.im/security/advisory_20180531 Compute hashes locally as they are no more available on https://prosody.im/downloads/source/{MD5,SHA1,SHA256,SHA512}SUMS Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com> Signed-off-by: Peter Korsgaard <peter@korsgaard.com> |
||
|---|---|---|
| .. | ||
| 0001-enable-syslog.patch | ||
| 0002-add-pidfile.patch | ||
| Config.in | ||
| prosody.hash | ||
| prosody.mk | ||
| S50prosody | ||