Created attachment 231015 [details] add Prosody XMPP server advisory 2022-01-13 Add Prosody XMPP server advisory 2022-01-13. The recommended mitigation is to upgrade to Prosody 0.11.12. An update for net-im/prosody has been submitted in bug #261209.
A commit in branch main references this bug: URL: https://cgit.FreeBSD.org/ports/commit/?id=504d5f3edc06d542cdcd9c7d64a9c2f611a4e8b4 commit 504d5f3edc06d542cdcd9c7d64a9c2f611a4e8b4 Author: Thomas Zander <riggs@FreeBSD.org> AuthorDate: 2022-01-16 06:30:30 +0000 Commit: Thomas Zander <riggs@FreeBSD.org> CommitDate: 2022-01-16 06:30:30 +0000 security/vuxml: Document Prosody XMPP server advisory 2022-01-13 PR: 261210 Reported by: thomas@beingboiled.info Security: CVE-2022-0217 security/vuxml/vuln-2022.xml | 31 +++++++++++++++++++++++++++++++ 1 file changed, 31 insertions(+)
The vuxml file is updated only on main, not on the quarterly branches.