FreshPorts - VuXML

This page displays vulnerability information about FreeBSD Ports.

The VUXML data was last processed by FreshPorts on 2024-12-12 06:08:27 UTC

List all Vulnerabilities, by package

List all Vulnerabilities, by date

k68

These are the vulnerabilities relating to the commit you have selected:

VuXML ID	Description
a3c2dee5-cdb9-11e2-b9ce-080027019be0	telepathy-gabble -- TLS verification bypass Simon McVittie reports: This release fixes a man-in-the-middle attack. If you use an unencrypted connection to a "legacy Jabber" (pre-XMPP) server, this version of Gabble will not connect until you make one of these configuration changes: . upgrade the server software to something that supports XMPP 1.0; or . use an encrypted "old SSL" connection, typically on port 5223 (old-ssl); or . turn off "Encryption required (TLS/SSL)" (require-encryption). Discovery 2013-05-27 Entry 2013-06-05 telepathy-gabble < 0.16.6 CVE-2013-1431 http://lists.freedesktop.org/archives/telepathy/2013-May/006449.html

VuXML ID

Description

a3c2dee5-cdb9-11e2-b9ce-080027019be0

telepathy-gabble -- TLS verification bypass

Simon McVittie reports:

This release fixes a man-in-the-middle attack.

If you use an unencrypted connection to a "legacy Jabber" (pre-XMPP) server, this version of Gabble will not connect until you make one of these configuration changes:

. upgrade the server software to something that supports XMPP 1.0; or

. use an encrypted "old SSL" connection, typically on port 5223 (old-ssl); or

. turn off "Encryption required (TLS/SSL)" (require-encryption).

Discovery 2013-05-27
Entry 2013-06-05
telepathy-gabble

< 0.16.6

CVE-2013-1431
http://lists.freedesktop.org/archives/telepathy/2013-May/006449.html