Summary Crash handling bad XMPP timestamp
Date 2014-01-28
CVE Number CVE-2013-6477
Discovered By Jaime Breva Ribes
Fixed In Release 2.10.8


A remote XMPP user can trigger a crash on some systems by sending a message with a timestamp in the distant future.


Avoid passing negative timestamps to localtime().

We've launched the new site. Think we're missing something?
Read the blog post or Go to the old site