1. Forum
  2. Fsxnet Message
  3. FSX BOT

  • Dino vulnerabilities

    From bugz_ubuntu@21:4/110 to Ubuntu Users on Tuesday, March 17, 2020 16:10:08
    dino-im vulnerabilities

    A security issue affects these releases of Ubuntu and its
    derivatives:

    * Ubuntu 18.04 LTS

    Summary

    Several security issues were fixed in dino-im.

    Software Description

    * dino-im - modern XMPP client

    Details

    It was discovered that Dino incorrectly validated inputs. An
    attacker could use this issue to possibly obtain, inject or remove
    sensitive information.

    This update also includes a fix to the encryption implementation
    in Dino to support 12 byte IVs, in addition to 16 byte IVs.

    Update instructions

    The problem can be corrected by updating your system to the
    following package versions:

    Ubuntu 18.04 LTS
    dino-im - 0.0.git20180130-1ubuntu0.1
    dino-im-common - 0.0.git20180130-1ubuntu0.1

    To update your system, please follow these instructions:
    https://wiki.ubuntu.com/Security/Upgrades.

    In general, a standard system update will make all the necessary
    changes.

    References

    * CVE-2019-16235
    * CVE-2019-16236
    * CVE-2019-16237
    * LP: 1866115

    --- Mystic BBS v1.12 A45 (Linux/64)
    * Origin: BZ&BZ BBS (21:4/110)