close
  • Ar chevron_right

    Wormable code-execution flaw in Cisco Jabber has a severity rating of 9.9 out of 10

    news.movim.eu / ArsTechnica · Friday, 11 December - 12:43

Wormable code-execution flaw in Cisco Jabber has a severity rating of 9.9 out of 10

Enlarge (credit: Getty Images)

Cisco has patched its Jabber conferencing and messaging application against a critical vulnerability that made it possible for attackers to execute malicious code that would spread from computer to computer with no user interaction required. Again.

The vulnerability, which was first disclosed in September , was the result of several flaws discovered by researchers at security firm Watchcom Security. First, the app failed to properly filter potentially malicious elements contained in user-sent messages. The filter was based on an incomplete blocklist that could be bypassed using a programming attribute known as onanimationstart.

Messages that contained the attribute passed directly to DOM of an embedded browser. Because the browser was based on the Chromium Embedded Framework, it would execute any scripts that made it through the filter.

Read 5 remaining paragraphs | Comments

index?i=y71rUZYs6Uk:pzpc1Qm4qVA:V_sGLiPBpWUindex?i=y71rUZYs6Uk:pzpc1Qm4qVA:F7zBnMyn0Loindex?d=qj6IDK7rITsindex?d=yIl2AUoC8zA

Dino 0.2.0 in Debian

#jabber (or #xmpp) client #dino-im is now in #debian 11 ( #bullseye or testing) and Debian 10 ( #buster or stable). The latter via:

$ echo "deb https://deb.debian.org/debian buster-backports main" \
  | sudo tee /etc/apt/sources.list.d/backports.list
$ sudo apt update
$ sudo apt install -t buster-backports dino-im
  • favorite

    4 Like

    purplesun , Timothée Jaussoin , DebXWoody , indyradio

  • Be chevron_right

    Kaidan - A user-friendly XMPP client, and ATT - Automatic Trust Transfer

    debacle · pubsub.movim.eu / berlin-xmpp-meetup · Saturday, 2 March, 2019 - 12:48 edit

Kaidan - A user-friendly XMPP client, and ATT - Automatic Trust Transfer

At this months Berlin XMPP meetup, we will probably

When? Wednesday, 2019-03-13 18:00 CET

Where?JWD: Takustraße 3, 14195 Berlin

#xmpp #meeting #meetup #berlin #jabber #kaidan #client #sprint #att #omemo #jwd

  • Be chevron_right

    Location Changed: Berlin XMPP Meetup: What happened at XMPP Summit 23 and FOSDEM 2019?

    debacle · pubsub.movim.eu / berlin-xmpp-meetup · Thursday, 7 February, 2019 - 11:11 edit

Location Changed: Berlin XMPP Meetup: What happened at XMPP Summit 23 and FOSDEM 2019?

As always, we meet at the second Wednesday of every month on 18:00 hrs CE(S)T. Just come around and talk to us. We are actually nice.

This time, the three of us, who were at the XMPP summit and FOSDEM, will report.

And we will plan our sprint in March, see below.

Next Meeting

Wednesday, 2019-02-13 18:00 CET

DBJR

Mühlendamm 3

10178 Berlin

Visit our chat room: xmpp:berlin-meetup@conference.conversations.im?join

Breaking News: XMPP Sprint in Berlin

#berlin #xmpp #jabber #summit #fosdem #sprint #meeting #meetup