I disagree: Badlop connected to a muc service and sent it an error stanza, in reply, the muc service sent his client another stanza; this violates RFC but what else? This does not result in any loop just by itself because well-behaving clients won't send their own error stanza back. So to DoS the server, there should be used a specially crafted client which would respond to any error coming from the server with another error, but this is nothing new -- such a client could just send certain IQ requests to the server as fast as it is able to.
-- Don't send error stanza as reply to error stanza (EJAB-930) https://bugs.launchpad.net/bugs/596676 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
