Mercurial > ~mikael > mcabber > hg
view mcabber/mcabber.pc.in @ 2283:6e1ead98930d
Check origin of roster pushes
MCabber is vulnerable to roster push attacks as described by Daniel Gultsch
at https://gultsch.de/gajim_roster_push_and_message_interception.html.
This patch should fix the problem by checking the sender of the iq:roster
stanzas.
Thanks to Sam Whited for the report.
author | Mikael Berthe <mikael@lilotux.net> |
---|---|
date | Mon, 21 Nov 2016 20:35:28 +0100 |
parents | d58fb8d7a09a |
children | ca442ece1f70 |
line wrap: on
line source
prefix=@prefix@ exec_prefix=@exec_prefix@ libdir=@libdir@ includedir=@includedir@ Name: MCabber Description: Modular XMPP client URL: http://mcabber.com Requires.private: glib-2.0 gmodule-2.0 loudmouth-1.0 Version: @VERSION@ Libs: Cflags: -I${includedir} @LIBOTR_CFLAGS@ @GPGME_CFLAGS@