HGKeeper

Add a blog post about the Facebook page getting republished
default tip
6 weeks ago, Gary Kramlich

1e262de7cb13

Add a blog post about the Facebook page getting republished

Testing Done:
ran `npm run hugo:server` and verified everything looked alright.

Reviewed at https://reviews.imfreedom.org/r/2564/

---

title: cve-2022-26491-00

date: 2022-04-28T10:40:22+00:00

cveNumber: cve-2022-26491

summary: MITM when used without DNSSEC

discoveredBy: moparisthebest

fixedInRelease: 2.14.9

type: security

layout: cve

---

### Description

If not using DNSSEC it is trivial to perform a man in the middle attack a

client via DNS spoofing. You can find more discussion in the

[XMPP Standards Archives](https://mail.jabber.org/pipermail/standards/2022-February/038759.html).

### Mitigation

Removed the code that supported the `_xmppconnect` DNS TXT record.

pidgin/nest