[Bug 1767539] Re: Security fixes from 0.12.5 require backfit to earlier releases
Launchpad Bug Tracker
1767539 at bugs.launchpad.net
Thu May 3 05:17:33 UTC 2018
This bug was fixed in the package quassel - 0.10.0-0ubuntu2.3
---------------
quassel (0.10.0-0ubuntu2.3) trusty-security; urgency=medium
* SECURITY UPDATE: quasselcore, corruption of heap metadata caused by
qdatastream (LP: #1767539)
- debian/patches/Implement_custom_deserializer.patch: Original patch from
upstream 0.12.5 release, adapted for non-C++ 11 systems by Felix Geyer
- CVE-2018-1000178
* SECURITY UPDATE: quasselcore, denial of service for unconfigured core
(LP: #1767539)
- debian/patches/Reject_clients_that_attempt_to_login_before_the_core_is
_configured.patch: Original patch from upstream 0.12.5 release, adapted
for non-C++ 11 systems by Felix Geyer
- CVE-2018-1000179
-- Scott Kitterman <scott at kitterman.com> Fri, 27 Apr 2018 20:25:50
-0400
** Changed in: quassel (Ubuntu Trusty)
Status: Confirmed => Fix Released
** CVE added: https://cve.mitre.org/cgi-
bin/cvename.cgi?name=2018-1000178
** CVE added: https://cve.mitre.org/cgi-
bin/cvename.cgi?name=2018-1000179
--
You received this bug notification because you are a member of Kubuntu
Bugs, which is subscribed to quassel in Ubuntu.
https://bugs.launchpad.net/bugs/1767539
Title:
Security fixes from 0.12.5 require backfit to earlier releases
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/quassel/+bug/1767539/+subscriptions
More information about the kubuntu-bugs
mailing list