FreshPorts - VuXML

This page displays vulnerability information about FreeBSD Ports.

The VUXML data was last processed by FreshPorts on 2024-03-29 07:54:42 UTC

List all Vulnerabilities, by package

List all Vulnerabilities, by date

k68

These are the vulnerabilities relating to the commit you have selected:

VuXML IDDescription
a3c2dee5-cdb9-11e2-b9ce-080027019be0telepathy-gabble -- TLS verification bypass

Simon McVittie reports:

This release fixes a man-in-the-middle attack.

If you use an unencrypted connection to a "legacy Jabber" (pre-XMPP) server, this version of Gabble will not connect until you make one of these configuration changes:

. upgrade the server software to something that supports XMPP 1.0; or

. use an encrypted "old SSL" connection, typically on port 5223 (old-ssl); or

. turn off "Encryption required (TLS/SSL)" (require-encryption).


Discovery 2013-05-27
Entry 2013-06-05
telepathy-gabble
< 0.16.6

CVE-2013-1431
http://lists.freedesktop.org/archives/telepathy/2013-May/006449.html