Check origin of roster pushes MCabber is vulnerable to roster push attacks as described by Daniel Gultsch at https://gultsch.de/gajim_roster_push_and_message_interception.html. This patch should fix the problem by checking the sender of the iq:roster stanzas. Thanks to Sam Whited for the report.

prefix=@prefix@
exec_prefix=@exec_prefix@
libdir=@libdir@
includedir=@includedir@

Name: MCabber
Description: Modular XMPP client
URL: http://mcabber.com
Requires.private: glib-2.0 gmodule-2.0 loudmouth-1.0
Version: @VERSION@
Libs: 
Cflags: -I${includedir} @LIBOTR_CFLAGS@ @GPGME_CFLAGS@