[prev in list] [next in list] [prev in thread] [next in thread] 

List:       oss-security
Subject:    Re: [oss-security] Prosody XMPP server advisory 2021-05-12 (multiple vulnerabilities)
From:       Matthew Wild <mwild1 () gmail ! com>
Date:       2021-05-14 10:50:08
Message-ID: CAJt9-x5u_Q_ngXJy6UkhnigtqE_Xgei0D4VFZ1JdCv_kBiMKkg () mail ! gmail ! com
[Download RAW message or body]

On Fri, 14 May 2021 at 11:08, Robert G. <robert.groesser@googlemail.com> wr=
ote:
>
> Hey guys,
>
> thank you for fixing this!
>
> >This flaw was discovered by Matthew Wild, a member of the Prosody team.
> The issue with MUC passwords was also previously identified by Robert
> Gr=C3=83=C2=B6sser.
>
> This wasn't identified by me, to be fair. I only reported this.
> The flaw was initially found by my colleague Marvin Zerulla.

Thanks for the clarification Robert! I've updated the advisory with this in=
fo.

Your quote also highlighted that the text advisory is being served
without an explicit character encoding. Thanks for finding that issue,
now fixed :)

Regards,
Matthew
[prev in list] [next in list] [prev in thread] [next in thread]