powered by Jive Software

Smack Security Advisory 2016-11-22


#1

A critical security vulnerability has been found in Smack. Please upgrade immediately to Smack 4.1.9. Like all Smack releases with the same major and minor version numbers, 4.1.9 is a drop in replacement for all Smack 4.1 releases. Smack 4.1.9 is available on Maven Central.

The Ignite Realtime community would like to thank Sylvain Sarméjeanne for discovering and reporting the vulnerability to security@igniterealtime.org.


#2

Thanks for quick fix. I wonder when it will be available on the Downloads page.

As i have found out in the chat, the jars will be available on this site in a few weeks (so, around December 6th). So far one can take them from Maven Maven Repository: org.igniterealtime.smack » smack-core » 4.1.9