Debian: 2702-1: telepathy-gabble: TLS verification bypass
Jun05
on June 5, 2013
at 3:33 pm
Posted In: Uncategorized
(Jun 3) Maksim Otstavnov discovered that the Wocky submodule used by telepathy-gabble, the Jabber/XMPP connection manager for the Telepathy framework, does not respect the tls-required flag on legacy Jabber servers. A network intermediary could use this vulnerability to bypass [More…]
Comment