Ubuntu Security Notice 4306-1 - It was discovered that Dino incorrectly validated inputs. An attacker could use this issue to possibly obtain, inject or remove sensitive information. This update also includes a fix to the encryption implementation in Dino to support 12 byte IVs, in addition to 16 byte IVs.
a2f47a230f911f76555a82ef0156744fc0e7d0d73052c80d4f504e0a8010ebd4
Debian Linux Security Advisory 4524-1 - Multiple vulnerabilities have been discovered in the Dino XMPP client, which could allow spoofing message, manipulation of a user's roster (contact list) and unauthorised sending of message carbons.
8551b360c0f88830f871aa04060854676fa7e159b251f04cd90d353bba452d27