Security update for prosody
This update for prosody fixes the following issues:
This security issue was fixed:
- CVE-2018-10847: Prevent insufficient validation of client-provided parameters
during XMPP stream restarts. Authenticated users may have overriden the realm
associated with their session, potentially bypassing security policies and
allowing impersonation (bsc#1094890).
-
Submitted by
Michael Vetter (jubalh)
Fixed bugs
bnc#1094890
VUL-0: CVE-2018-10847: prosody: insufficient stream header validation
