|
|
|
|
|
|
by Arathorn
1377 days ago
|
|
|
The vuln in question here is: “an attacker could take over an IRC channel where a Matrix bridge is present by confusing the bridge into merging it with a different channel”. It isn’t a bug in Matrix itself, or Matrix servers or clients, but an IRC-specific thing in that IRC bridge implementation. It’s obviously a nasty bug from an IRC perspective, but it really doesn’t feel like something that should stop you promoting Matrix. It feels a bit like we are being penalised for being transparent on publicising security issues… |
|
|