UbuntuUpdates.org

Package "quassel"

Name: quassel

Description:

KDE/Qt-based IRC client

Latest version: 0.8.0-0ubuntu1.2
Release: precise (12.04)
Level: security
Repository: main
Homepage: http://www.quassel-irc.org/

Links


Download "quassel"


Other versions of "quassel" in Precise

Repository Area Version
base universe 0.8.0-0ubuntu1
base main 0.8.0-0ubuntu1
security universe 0.8.0-0ubuntu1.2
updates main 0.8.0-0ubuntu1.2
updates universe 0.8.0-0ubuntu1.2

Packages in group

Deleted packages are displayed in grey.


Changelog

Version: 0.8.0-0ubuntu1.2 2014-11-17 19:06:42 UTC

  quassel (0.8.0-0ubuntu1.2) precise-security; urgency=medium

  * SECURITY UPDATE: out-of-bounds read in ECB Blowfish decryption
    - debian/patches/CVE-2014-8483.patch: backport upstream patch
    - CVE-2014-8483
    - LP: #1388333
 -- Felix Geyer <email address hidden> Tue, 04 Nov 2014 18:19:33 +0100

Source diff to previous version
1388333 CVE-2014-8483: out-of-bounds read in ECB Blowfish decryption
CVE-2014-8483 The blowfishECB function in core/cipher.cpp in Quassel IRC 0.10.0 allows remote attackers to cause a denial of service (out-of-bounds read) via a mal

Version: 0.8.0-0ubuntu1.1 2014-01-20 16:06:28 UTC

  quassel (0.8.0-0ubuntu1.1) precise-security; urgency=low

  * SECURITY UPDATE: clients can access backlogs belonging to other users
    - debian/patches/CVE-2013-6404.patch: add upstream patch
    - CVE-2013-6404
    - LP: #1255362
 -- Felix Geyer <email address hidden> Thu, 16 Jan 2014 21:34:52 +0100

1255362 Clients may be able to access buffers belonging to other users
CVE-2013-6404 Quassel core (server daemon) in Quassel IRC before 0.9.2 does not ...



About   -   Send Feedback to @ubuntu_updates