Michael has reported some vulnerabilities in jabberd, which potentially can be exploited by malicious users to compromise a vulnerable system. The vulnerabilities are caused due to three boundary errors in jid.c when parsing JID strings with overly long user, host, or resource components. This can be exploited to crash the server or potentially execute arbitrary code.
net-im, pls provide an updated ebuild. you could use the save version jabberd2 s9 or fix using this patch: http://j2.openaether.org/bugzilla/attachment.cgi?id=86 - thanks!
done, 2.0.9 committed, 2.0.8-r2 removed.
reopening, the process isn't finished
arches please mark stable
Only the masked version was affected. No need to mark stable...