[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

[SECURITY] [DSA 5064-1] python-nbxmpp security update



-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- -------------------------------------------------------------------------
Debian Security Advisory DSA-5064-1                   security@debian.org
https://www.debian.org/security/                       Moritz Muehlenhoff
January 29, 2022                      https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package        : python-nbxmpp
CVE ID         : CVE-2021-41055

It was discovered that missing input sanitising in python-nbxmpp, a
Jabber/XMPP Python library, could result in denial of service in clients
based on it (such as Gajim).

The oldstable distribution (buster) is not affected.

For the stable distribution (bullseye), this problem has been fixed in
version 2.0.2-1+deb11u1.

We recommend that you upgrade your python-nbxmpp packages.

For the detailed security status of python-nbxmpp please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/python-nbxmpp

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/

Mailing list: debian-security-announce@lists.debian.org
-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEEtuYvPRKsOElcDakFEMKTtsN8TjYFAmH1w3kACgkQEMKTtsN8
TjZkPxAAim/4BtjieggxtFMehBNE7hQot3vFlLiwLS62blskJhNbMlY8xjUgk49D
Bmwh/jXUdiCEWuFfo1bDoXrGH3rcC3wYDELveguvpV/w71S2S385w/Tsm2rkkWcm
TeiGh//2ejcGQpsBMdHc7zMLz4w3s6UPHpdw5dhK43jmSsLT4ksIDMraISCFigWc
GOy105Wyq7wv7wOutRT4bHxgoKWJvCBuBUB/4tIAuE0Ff/tiNeD8NYVXScbs5eFZ
XRtYRTxtvdYfeW9FZyxYD51ABkdR7qQTPSewM9sT9Zd7ktfgkdn+DJVwlj7Vpn+o
TTCz7AkNWkSvsD6nGe4J70W97K4nWE8wc67MQoSFZ5U12bx4CIGc3yBYCiq5uYiu
hJePSU0g68+yvYM4J4mucuXhlsFnPFED2Pq635lGTBK7JFHXabNm1McD31L0fPUT
hlNdkew8pZaEr1K7xMcf5YGK1rEhdJ1dOBzO0W43H2HUQJwQwPuaVbPFOKyMFTX2
uyiWcPGlo9kC09e39tJHzhKgKr0wLRvVjYpqP4XsqqFDby0Ks11kc0D94ubygfF+
z59kJbEBHffON5opGXOVYak0dPqxFvF/iZtYrUGEBDBjS7b38Dkd9JvDd15mW+mg
/FFqkNte9ByDtC/6akj079Ikre/9DS0MDrLKPWkiRHQhhr2mqzw=
=BKk1
-----END PGP SIGNATURE-----


Reply to: