Secunia: DESCRIPTION: A vulnerability has been reported in Openfire, which can be exploited by malicious people to cause a DoS (Denial of Service). The vulnerability is caused due to an unspecified error and can be exploited to cause a DoS. The vulnerability is reported in version 3.4.5. Other versions may also be affected. SOLUTION: Update to version 3.5.0. ORIGINAL ADVISORY: http://www.igniterealtime.org/issues/browse/JM-1289
3.5.0 is already in the tree, good to go stable?
Vulnerability: It cannot handle clients that fail to read messages, and has no limit on their session's send buffer. http://www.igniterealtime.org/fisheye/changelog/svn-org?cs=10031
net-irc/humpback, is 3.5.0_rc1 good to go stable?
Arches, please test and mark stable: =net-im/openfire-3.5.0 Target keywords : "amd64 release x86"
amd64/x86 stable, last arches.
ready for GLSA vote /me votes yes
Voting YES as well and filing request.
Fixed in release snapshot.
GLSA 200804-26