Security update for prosody
This update for prosody fixes the following issues:
prosody was updated to 0.11.10:
Security:
* MUC: Fix logic for access to affiliation lists CVE-2021-37601 (boo#1188976)
https://prosody.im/security/advisory_20210722/
Minor changes:
* prosodyctl: Add ‘limits’ to known globals to warn about misplacing it
* util.ip: Fix netmask for link-local address range
* mod_pep: Remove obsolete node restoration code
* util.pubsub: Fix traceback if node data not initialized
-
Submitted by
Michael Vetter (jubalh)
Fixed bugs
bnc#1188976
VUL-0: CVE-2021-37601: Prosody 0.11.0 through 0.11.9 allows remote attackers to obtain sensitive information (list of admins, members, owners, and banned entities of a Multi-User chat room) in some common configurations.
