Fedora 19 : telepathy-gabble-0.17.4-1.fc19 (2013-9753)
Medium Nessus Plugin ID 67375
SynopsisThe remote Fedora host is missing a security update.
DescriptionThis release fixes a man-in-the-middle attack.
If you use an unencrypted connection to a 'legacy Jabber' (pre-XMPP) server, this version of Gabble will not connect until you make one of these configuration changes :
- upgrade the server software to something that supports XMPP 1.0; or
- use an encrypted 'old SSL' connection, typically on port 5223 (old-ssl); or
- turn off 'Encryption required (TLS/SSL)' (require-encryption)
Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
SolutionUpdate the affected telepathy-gabble package.