Re: Ejabberd : Symlink vulnerability during installation process
The problem was in the software generating the installer. We have worked with
their team and they have been very responsive.
The problem has been fixed with the release of a new installer version (Less
than one day, about 12 jours :-):
Version: ejabberd-1.1.1_2-linux-installer.bin
Download page:
http://www.process-one.net/en/projects/ejabberd/download.html#binaries
Note that the problem was not on ejabberd itself but on its installer
generation tool, which is a third-party installer generator software.
Best regards,
--
Mickaël Rémond
http://www.process-one.net/