USN-4306-1: Dino vulnerabilities
17 March 2020
Several security issues were fixed in dino-im.
- dino-im - modern XMPP client
It was discovered that Dino incorrectly validated inputs. An attacker could use
this issue to possibly obtain, inject or remove sensitive information.
This update also includes a fix to the encryption implementation in Dino to
support 12 byte IVs, in addition to 16 byte IVs.