Home / mailings [SECURITY] [DSA 6252-1] prosody security update
Posted on 07 May 2026
Debian Security Advisory- -------------------------------------------------------------------------
Debian Security Advisory DSA-6252-1 security@debian.org
https://www.debian.org/security/ Moritz Muehlenhoff
May 07, 2026 https://www.debian.org/security/faq
- -------------------------------------------------------------------------
Package : prosody
CVE ID : CVE-2026-43504 CVE-2026-43505 CVE-2026-43506
CVE-2026-43507
Multiple security issues were found in Prosody, a lightweight
Jabber/XMPP server, which could result in denial of service or
insufficient access control when using the SOCKS5 proxy module.
For the oldstable distribution (bookworm), these problems have been fixed
in version 0.12.3-1+deb12u1.
For the stable distribution (trixie), these problems have been fixed in
version 13.0.1-1+deb131u.
We recommend that you upgrade your prosody packages.
For the detailed security status of prosody please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/prosody
Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/
Mailing list: debian-security-announce@lists.debian.org
