Gentoo Linux Security Advisory 201206-10 - Multiple vulnerabilities have been found in ejabberd, the worst of which allowing for remote Denial of Service. Versions less than 2.1.9 are affected.
6cd681249ed6044831c35f3c68aa924ec71fde18cf604b30cb8c2814194b8e5c
Debian Linux Security Advisory 2248-1 - Wouter Coekaerts discovered that ejabberd, a distributed XMPP/Jabber server written in Erlang, is vulnerable to the so-called "billion laughs" attack because it does not prevent entity expansion on received data. This allows an attacker to perform denial of service attacks against the service by sending specially crafted XML data to it.
de1900df9f3c9ee82372dc03eef9a63db5a89024f5837f7f77fe44f4b9d4e27b