Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
securityvulnsSecurityvulnsSECURITYVULNS:DOC:30270
HistoryFeb 01, 2014 - 12:00 a.m.

[USN-2091-1] OTR vulnerabilities

2014-02-0100:00:00
vulners.com
24
JSON

==========================================================================
Ubuntu Security Notice USN-2091-1
January 29, 2014

libotr vulnerabilities

A security issue affects these releases of Ubuntu and its derivatives:

  • Ubuntu 12.04 LTS

Summary:

Applications using the OTR secure chat protocol could be made to expose
sensitive information over the network.

Software Description:

  • libotr: Off-the-Record Messaging library

Details:

This update disables the OTR v1 protocol to prevent protocol downgrade
attacks.

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 12.04 LTS:
libotr2 3.2.0-4ubuntu0.2

After a standard system update you need to restart OTR applications to
make all the necessary changes.

References:
http://www.ubuntu.com/usn/usn-2091-1
https://launchpad.net/bugs/1266016

Package Information:
https://launchpad.net/ubuntu/+source/libotr/3.2.0-4ubuntu0.2

– ubuntu-security-announce mailing list [email protected] Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-security-announce

JSON