[Pkg-xmpp-devel] Bug#867032: marked as done (jabberd2: CVE-2017-10807: allows anyone to authenticate using SASL ANONYMOUS, even when the option is not enabled)

[Debian Bug Tracking System]

Your message dated Sun, 09 Jul 2017 10:47:09 +0000
with message-id <E1dU9k5-0009Vq-6O at fasolo.debian.org>
and subject line Bug#867032: fixed in jabberd2 2.4.0-3+deb9u1
has caused the Debian Bug report #867032,
regarding jabberd2: CVE-2017-10807: allows anyone to authenticate using SASL ANONYMOUS, even when the option is not enabled
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact owner at bugs.debian.org
immediately.)


-- 
867032: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=867032
Debian Bug Tracking System
Contact owner at bugs.debian.org with problems
-------------- next part --------------
An embedded message was scrubbed...
From: Sergey Korobitsin <undertaker at arta.kz>
Subject: jabberd2 allowing anyone to authenticate using SASL ANONYMOUS, even when the option is not enabled
Date: Mon, 03 Jul 2017 14:35:45 +0000
Size: 6138
URL: <http://lists.alioth.debian.org/pipermail/pkg-xmpp-devel/attachments/20170709/ef513c10/attachment-0002.mht>
-------------- next part --------------
An embedded message was scrubbed...
From: Salvatore Bonaccorso <carnil at debian.org>
Subject: Bug#867032: fixed in jabberd2 2.4.0-3+deb9u1
Date: Sun, 09 Jul 2017 10:47:09 +0000
Size: 5480
URL: <http://lists.alioth.debian.org/pipermail/pkg-xmpp-devel/attachments/20170709/ef513c10/attachment-0003.mht>