Headline
CVE-2022-45197: History for slixmpp/xmlstream/xmlstream.py - poezio/slixmpp
Slixmpp before 1.8.3 lacks SSL Certificate hostname validation in XMLStream, allowing an attacker to pose as any server in the eyes of Slixmpp.
Commits on Aug 28, 2022
Commits on Jul 12, 2022
Commits on Jul 11, 2022
Commits on Jun 22, 2022
Fix delayed reconnect after DNS failure
The XML stream will re-schedule a reconnect on socket errors, except for DNS failures. If a user has no uplink connection, then DNS will also fail, preventing an automatic reconnection.
This patch consolidates the two code paths and sets a maximum back-off time of 5min (300s).
ge0rg committed
Jun 22, 2022
Commits on Apr 5, 2022
Commits on Apr 4, 2022
Commits on Apr 1, 2022
Commits on Mar 18, 2022
Commits on Feb 16, 2022
Commits on Feb 15, 2022
Commits on Jan 3, 2022
Commits on Dec 28, 2021
Commits on Dec 13, 2021
Commits on Nov 18, 2021
Commits on Jul 5, 2021
Commits on Jul 3, 2021
Commits on Jun 28, 2021
Commits on May 2, 2021
Commits on Apr 30, 2021
Commits on Apr 22, 2021
Commits on Apr 18, 2021
Commits on Apr 12, 2021
Commits on Apr 9, 2021
Commits on Apr 8, 2021
Commits on Feb 25, 2021
Commits on Feb 24, 2021
Commits on Feb 20, 2021
Commits on Feb 5, 2021
Commits on Feb 4, 2021
Related news
Slixmpp before 1.8.3 lacks SSL Certificate hostname validation in XMLStream, allowing an attacker to pose as any server in the eyes of Slixmpp.