cve-2013-6477-00

Summary Crash handling bad XMPP timestamp
Date 2014-01-28
CVE Number CVE-2013-6477
Discovered By Jaime Breva Ribes
Fixed In Release 2.10.8

Description

A remote XMPP user can trigger a crash on some systems by sending a message with a timestamp in the distant future.

Mitigation

Avoid passing negative timestamps to localtime().

We've launched the new site. Think we're missing something?
Read the blog post or Go to the old site