[jdev] Fwd: [Security] billion laughs attack
xramtsov at gmail.com
Thu Jun 2 05:09:07 UTC 2011
02.06.2011 03:59, Peter Saint-Andre wrote:
> -------- Original Message --------
> Subject: [Security] billion laughs attack
> Date: Wed, 01 Jun 2011 11:58:13 -0600
> From: Peter Saint-Andre<stpeter at stpeter.im>
> Reply-To: XMPP Security<security at xmpp.org>
> To: XMPP Security<security at xmpp.org>
> Over the last few days, the Debian security team has announced fixes to
> several XMPP server daemons to address the so-called "billion laughs"
> This attack is not limited to those server daemons, and in fact applies
> more generally to any XML-based applications. Other XMPP software
> projects (servers, clients, and libraries) might also vulnerable, and
> developers are encouraged to review their code.
> Background information can be found at the following web pages:
I think this should be forwarded in operators list as well.
Evgeniy Khramtsov, ProcessOne.
xmpp:xram at jabber.ru.
More information about the JDev