Date: Sat, 5 Apr 2014 19:26:18 +0200 From: Salvatore Bonaccorso <carnil@...ian.org> To: oss-security@...ts.openwall.com Subject: Possible CVE Request: Uncontrolled Resource Consumption with XMPP-Layer Compression Hi, >From  thee is an security notice from the XMPP Standards Foundation affecting several XMPP server implementations: > The XMPP Standards Foundation has published a security notice > describing an uncontrolled resource consumption vulnerability in > several XMPP server implementations that support application-layer > compression. Details can be found at: > > http://xmpp.org/resources/security-notices/uncontrolled-resource-consumption-with-highly-compressed-xmpp-stanzas/ > > Peter  http://mail.jabber.org/pipermail/security/2014-April/000979.html Is this something which should get one CVE, or is a CVE for each implementation needed? Regards, Salvatore
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.