Multiple vulnerabilities have been found in ejabberd, the worst of which allowing for remote Denial of Service.
|Package||net-im/ejabberd on all architectures|
|Affected versions||< 2.1.9|
|Unaffected versions||>= 2.1.9|
ejabberd is the Erlang jabber daemon.
Multiple vulnerabilities have been discovered in ejabberd. Please review the CVE identifiers referenced below for details.
ejabberd allows remote attackers to cause a Denial of Service condition with the result of either crashing the daemon or the whole system by causing memory and CPU consumption.
There is no known workaround at this time.
All ejabberd users should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot --verbose ">=net-im/ejabberd-2.1.9"