After consulting with one of upstream developers, it became clear this bug cannot be exploited from the outside and so it's not really that serious as it might sound because it does not introduce a vulnerability. To exploit this bug, a hostile party should convince the server administrator to misconfigure one or more of their xmpp components; clearly, such an attacker could as well convince her to run `rm -rf /` as root.
-- Don't send error stanza as reply to error stanza (EJAB-930) https://bugs.launchpad.net/bugs/596676 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
