Matthew Wild discovered that the WebSockets code in Prosody, a lightweight Jabber/XMPP server, was susceptible to denial of service. For the oldstable distribution (buster), this problem has been fixed in version 0.11.2-1+deb10u3. For the stable distribution (bullseye), this problem has been fixed in version 0.11.9-2+deb11u1. We recommend that you upgrade your prosody packages. For the detailed security status of prosody please refer to its security tracker page at: https://security-tracker.debian.org/tracker/prosody
Matthew Wild discovered that the WebSockets code in Prosody, a lightweight Jabber/XMPP server, was susceptible to denial of service.
For the oldstable distribution (buster), this problem has been fixed in version 0.11.2-1+deb10u3.
For the stable distribution (bullseye), this problem has been fixed in version 0.11.9-2+deb11u1.
We recommend that you upgrade your prosody packages.
For the detailed security status of prosody please refer to its security tracker page at: https://security-tracker.debian.org/tracker/prosody