FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

Prosody XMPP server advisory 2026-04-29

Affected packages
prosody < 13.0.5

Details

VuXML ID a420f545-442c-11f1-b9b5-589cfc0dc9a2
Discovery 2026-04-29
Entry 2026-04-30

The Prosody team reports:

Traffic patterns were discovered which can cause Prosody to consume excessive amounts of memory with much smaller amounts of incoming traffic. This traffic can be sent by unauthenticated connections. It was discovered that mod_proxy65’s access control was broken and incomplete due to two bugs.

The issue with unpausing connections was discovered and disclosed by Max Hearnden.

[source]

References

URL https://prosody.im/security/advisory_735dd9d3/

Copyright © 2003-2005 Jacques Vidrine and contributors.
Please see the source of this document for full copyright information.