Debian Security Advisory

DLA-391-1 prosody -- LTS security update

Date Reported:

16 Jan 2016

Affected Packages:

prosody

Vulnerable:

Yes

Security database references:

In Mitre's CVE dictionary: CVE-2016-1232.

More information:

It was discovered that in prosody, a Lightweight Jabber/XMPP server, used a weak PRNG in the mod_dialback module.

For Debian 6 Squeeze, this issue has been fixed in prosody version 0.7.0-1squeeze1+deb6u1.