Overview

File _patchinfo of Package patchinfo.6052

<patchinfo incident="6052">
  <issue id="1014976" tracker="bnc">VUL-1: CVE-2016-9928: MCabber: remote attackers can modify the roster and intercept messages via a crafted roster-push IQ stanza</issue>
  <issue id="2015-8688" tracker="cve" />
  <category>security</category>
  <rating>moderate</rating>
  <packager>XRevan86</packager>
  <description>
This update for mcabber fixes the following issues:

- Update to version 1.0.4 (changes since 1.0.2):
  * Check the origin of roster pushes (boo#1014976, CVE-2015-8688 (Gajim),
    https://gultsch.de/gajim_roster_push_and_message_interception.html)
  * Link with the tinfo library.
  * Fix default modules directory on OpenBSD.
  * Create the history log directory if it doesn't exist.
  * [OTR] Do not send empty subjects.
  * [UI] /set does not display password values anymore.
  * [MUC] Use nick to set the role.
  * Misc help/documentation updates.
</description>
  <summary>Security update for mcabber</summary>
</patchinfo>
openSUSE Build Service is sponsored by
Places