hugo/content/about/security/advisories/cve-2011-4602-00.md

Fri, 30 Aug 2024 19:33:36 -0500

author
Gary Kramlich <grim@reaperworld.com>
date
Fri, 30 Aug 2024 19:33:36 -0500
changeset 543
4ab2b8637540
parent 399
0ec2c139628a
permissions
-rw-r--r--

Update the plugins page for the new process

This includes defining the process and providing a template for a new issue to
add new plugins. I did go through and audit `No IRC /WHO` so we had at least
one validated entry.

Testing Done:
Ran `npm run hugo:server` locally and verified the page worked and checked the new links.

Bugs closed: NEST-53

Reviewed at https://reviews.imfreedom.org/r/3450/

---
title: cve-2011-4602-00
date: 2011-12-10T00:00:00.000Z
cveNumber: cve-2011-4602
summary: XMPP remote crash
discoveredBy: Thijs Alkemade
fixedInRelease: 2.10.1
type: security
layout: cve
hidden: true
---

### Description

When receiving various stanzas related to voice and video chat, the XMPP
protocol plugin failed to ensure that the incoming message contained all
required fields, and would crash if certain fields were missing.

### Mitigation

Check for missing fields and handle them appropriately.

mercurial