Re: Kopete: CVE 2017-5593 (User Impersonation Vulnerability)

2017-02-17 Thread Pali Rohár
On Tuesday 14 February 2017 10:34:56 Pali Rohár wrote:
> On Tuesday 14 February 2017 10:19:17 Luca Beltrame wrote:
> > On Tue, 14 Feb 2017 09:21:12 +0100
> > Pali Rohár wrote:
> >
> > > 1) Upstream libiris does not support building a dynamic shared library
> >
> > Then they should be p

Re: Kopete: CVE 2017-5593 (User Impersonation Vulnerability)

2017-02-14 Thread Pali Rohár
On Tuesday 14 February 2017 10:19:17 Luca Beltrame wrote:
> On Tue, 14 Feb 2017 09:21:12 +0100
> Pali Rohár wrote:
>
> > 1) Upstream libiris does not support building a dynamic shared library
>
> Then they should be pestered until they do, it would at least reduce
> the impact of issue

Re: Kopete: CVE 2017-5593 (User Impersonation Vulnerability)

2017-02-14 Thread Luca Beltrame
On Tue, 14 Feb 2017 09:21:12 +0100 Pali Rohár wrote:
> 1) Upstream libiris does not support building a dynamic shared library
Then they should be pestered until they do, it would at least reduce the impact of issues like this one.
> 2) Upstream libiris does not have a stable API/ABI
D

Re: Kopete: CVE 2017-5593 (User Impersonation Vulnerability)

2017-02-14 Thread Pali Rohár
On Tuesday 14 February 2017 00:07:46 Albert Astals Cid wrote:
> This shows we should not be embedding libiris, is this something that can be
> worked on?
libiris has been embedded in Kopete since the beginning and is periodically updated... Yes, dynamic linking against a system library will prevent such s

Re: Kopete: CVE 2017-5593 (User Impersonation Vulnerability)

2017-02-13 Thread Albert Astals Cid
On Saturday, 11 February 2017, at 13:59:01 CET, Pali Rohár wrote:
> Hello!
>
> I need to inform you that the Jabber protocol in Kopete is vulnerable to
> CVE-2017-5593 (User Impersonation Vulnerability) due to a defect in the
> underlying Psi XMPP library libiris -- which is part of Kopete sour