Package: konversation
Version: 1.5-1
Severity: important

Check for invalid input in encrypted buffers

The ECB Blowfish decryption function assumed that encrypted input would
always come in blocks of 12 characters, as specified. However, buggy
clients or annoying people may not adhere to that assumption, causing
the core to crash while trying to process the invalid base64 input.

(Description copied from

-- System Information:
Debian Release: jessie/sid
  APT prefers stable-updates
  APT policy: (500, 'stable-updates'), (500, 'testing'), (500, 'stable'), (110, 
'unstable'), (1, 'experimental')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 3.16-3-amd64 (SMP w/4 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash

Versions of packages konversation depends on:
ii  kde-runtime        4:4.14.2-1
ii  kdepim-runtime     4:4.14.2-1
ii  konversation-data  1.5-1
ii  libc6              2.19-12
ii  libgcc1            1:4.9.1-19
ii  libkabc4           4:4.14.2-1
ii  libkde3support4    4:4.14.2-3
ii  libkdecore5        4:4.14.2-3
ii  libkdeui5          4:4.14.2-3
ii  libkemoticons4     4:4.14.2-3
ii  libkidletime4      4:4.14.2-3
ii  libkio5            4:4.14.2-3
ii  libknotifyconfig4  4:4.14.2-3
ii  libkparts4         4:4.14.2-3
ii  libkresources4     4:4.14.2-1
ii  libnepomuk4        4:4.14.2-3
ii  libnepomukutils4   4:4.14.2-3
ii  libphonon4         4:4.8.0-3
ii  libqca2            2.0.3-6
ii  libqt4-dbus        4:4.8.6+git64-g5dc8b2b+dfsg-2+b1
ii  libqt4-network     4:4.8.6+git64-g5dc8b2b+dfsg-2+b1
ii  libqt4-qt3support  4:4.8.6+git64-g5dc8b2b+dfsg-2+b1
ii  libqt4-svg         4:4.8.6+git64-g5dc8b2b+dfsg-2+b1
ii  libqt4-xml         4:4.8.6+git64-g5dc8b2b+dfsg-2+b1
ii  libqtcore4         4:4.8.6+git64-g5dc8b2b+dfsg-2+b1
ii  libqtgui4          4:4.8.6+git64-g5dc8b2b+dfsg-2+b1
ii  libsolid4          4:4.14.2-3
ii  libsoprano4        2.9.4+dfsg-1.1
ii  libstdc++6         4.9.1-19
ii  phonon             4:4.8.0-3

konversation recommends no packages.

konversation suggests no packages.

-- no debconf information

pkg-kde-extras mailing list

Reply via email to