Summary Crash handling bad XMPP timestamp
Date 2014-01-28
CVE Number CVE-2013-6477
Discovered By Jaime Breva Ribes
Fixed In Release 2.10.8


A remote XMPP user can trigger a crash on some systems by sending a message with a timestamp in the distant future.


Avoid passing negative timestamps to localtime().

Looking to reach us via XMPP? Check out the new PidginChat service!