Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [day] [month] [year] [list]
Date: Thu, 12 Sep 2019 13:43:47 -0400
From: Randy Barlow <>
Subject: 3 CVEs in dino

Three CVEs have been identified and fixed in Dino.


Dino did not properly check the source of message carbons.

Fixed in


Dino did not check roster push authorization.

Fixed in


Dinot did not properly check the source of MAM messages.

Fixed in

Download attachment "signature.asc" of type "application/pgp-signature" (834 bytes)

Powered by blists - more mailing lists

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.