Date: Sat, 5 Apr 2014 19:26:18 +0200 From: Salvatore Bonaccorso <carnil@...ian.org> To: oss-security@...ts.openwall.com Subject: Possible CVE Request: Uncontrolled Resource Consumption with XMPP-Layer Compression Hi, >From  thee is an security notice from the XMPP Standards Foundation affecting several XMPP server implementations: > The XMPP Standards Foundation has published a security notice > describing an uncontrolled resource consumption vulnerability in > several XMPP server implementations that support application-layer > compression. Details can be found at: > > http://xmpp.org/resources/security-notices/uncontrolled-resource-consumption-with-highly-compressed-xmpp-stanzas/ > > Peter  http://mail.jabber.org/pipermail/security/2014-April/000979.html Is this something which should get one CVE, or is a CVE for each implementation needed? Regards, Salvatore
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Powered by Openwall GNU/*/Linux - Powered by OpenVZ