Dear all, After having asked for a CVE[0] for this Quassel issue [1], I've uploaded you (attached) a debdiff & dsc to the bug report for an upload. Would you be able to sponsor the upload, as I can't? Or perhaps the maintainers are available for the upload?
Cheers, [0]: http://seclists.org/oss-sec/2015/q4/476 [1]: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=807801 -- Pierre Schweitzer <pierre at reactos.org> System & Network Administrator Senior Kernel Developer ReactOS Deutschland e.V.
diff -Nru quassel-0.10.0/debian/changelog quassel-0.10.0/debian/changelog
--- quassel-0.10.0/debian/changelog 2015-05-10 16:41:35.000000000 +0200
+++ quassel-0.10.0/debian/changelog 2015-12-13 11:06:32.000000000 +0100
@@ -1,3 +1,12 @@
+quassel (1:0.10.0-2.3+deb8u2) jessie-security; urgency=high
+
+ * Non-maintainer upload.
+ * Fix CVE-2015-8547: remote DoS in quassel core, using /op * command.
+ (Closes: #807801)
+ - Add debian/patches/CVE-2015-8547.patch, cherry-picked from upstream.
+
+ -- Pierre Schweitzer <pie...@reactos.org> Sun, 13 Dec 2015 11:04:05 +0100
+
quassel (1:0.10.0-2.3+deb8u1) jessie-security; urgency=high
* Fix CVE-2015-3427: SQL injection vulnerability in PostgreSQL backend.
diff -Nru quassel-0.10.0/debian/patches/CVE-2015-8547.patch quassel-0.10.0/debian/patches/CVE-2015-8547.patch
--- quassel-0.10.0/debian/patches/CVE-2015-8547.patch 1970-01-01 01:00:00.000000000 +0100
+++ quassel-0.10.0/debian/patches/CVE-2015-8547.patch 2015-12-13 11:03:42.000000000 +0100
@@ -0,0 +1,22 @@
+From 476aaa050f26d6a31494631d172724409e4c569b Mon Sep 17 00:00:00 2001
+From: =?UTF-8?q?Konstantin=20Bl=C3=A4si?= <kbla...@gmail.com>
+Date: Wed, 21 Oct 2015 03:26:02 +0200
+Subject: [PATCH] Fixes a crash of the core when executing "/op *" in a query.
+
+---
+ src/core/coreuserinputhandler.cpp | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/src/core/coreuserinputhandler.cpp b/src/core/coreuserinputhandler.cpp
+index 7887a92..73aac48 100644
+--- a/src/core/coreuserinputhandler.cpp
++++ b/src/core/coreuserinputhandler.cpp
+@@ -232,7 +232,7 @@ void CoreUserInputHandler::doMode(const BufferInfo &bufferInfo, const QChar& add
+ if (!isNumber || maxModes == 0) maxModes = 1;
+
+ QStringList nickList;
+- if (nicks == "*") { // All users in channel
++ if (nicks == "*" && bufferInfo.type() == BufferInfo::ChannelBuffer) { // All users in channel
+ const QList<IrcUser*> users = network()->ircChannel(bufferInfo.bufferName())->ircUsers();
+ foreach(IrcUser *user, users) {
+ if ((addOrRemove == '+' && !network()->ircChannel(bufferInfo.bufferName())->userModes(user).contains(mode))
diff -Nru quassel-0.10.0/debian/patches/series quassel-0.10.0/debian/patches/series
--- quassel-0.10.0/debian/patches/series 2015-05-05 16:48:55.000000000 +0200
+++ quassel-0.10.0/debian/patches/series 2015-12-13 11:03:58.000000000 +0100
@@ -2,3 +2,4 @@
CVE-2014-8483.patch
CVE-2015-2778.patch
CVE-2015-3427.patch
+CVE-2015-8547.patch
Format: 3.0 (quilt) Source: quassel Binary: quassel-core, quassel-client, quassel, quassel-data, quassel-client-kde4, quassel-kde4, quassel-data-kde4 Architecture: any all Version: 1:0.10.0-2.3+deb8u2 Maintainer: Thomas Mueller <thomas.muel...@tmit.eu> Homepage: http://www.quassel-irc.org Standards-Version: 3.9.5 Build-Depends: debhelper (>= 9.20120417), libqt4-dev, cmake, libfontconfig1-dev, libfreetype6-dev, libpng-dev, libsm-dev, libice-dev, libxi-dev, libxrandr-dev, libxrender-dev, zlib1g-dev, libssl-dev, libdbus-1-dev, pkg-kde-tools, kdelibs5-dev, libqca2-dev, qt4-dev-tools, libqtwebkit-dev, libindicate-qt-dev, libdbusmenu-qt-dev Package-List: quassel deb net optional arch=any quassel-client deb net optional arch=any quassel-client-kde4 deb net optional arch=any quassel-core deb net optional arch=any quassel-data deb net optional arch=all quassel-data-kde4 deb net optional arch=all quassel-kde4 deb net optional arch=any Checksums-Sha1: 305d56774b1af2a891775a5637174d9048d875a7 2873233 quassel_0.10.0.orig.tar.bz2 620cae3e1c59c193eb9b6620b7568bbf0c9d0dc8 22964 quassel_0.10.0-2.3+deb8u2.debian.tar.xz Checksums-Sha256: 68228ce23aa3a992add3d00cb1e8b4863d8ca64bea99c881edf6d16ff9ec7c23 2873233 quassel_0.10.0.orig.tar.bz2 4dd55466a791826c75072999aa3899d1078ddbe1f25afe991a9be2a444a73b9d 22964 quassel_0.10.0-2.3+deb8u2.debian.tar.xz Files: 382466a7790979c172b7d7edf10a2981 2873233 quassel_0.10.0.orig.tar.bz2 b5a5acf4c81be0d48b2bf2c0a9045e5a 22964 quassel_0.10.0-2.3+deb8u2.debian.tar.xz
signature.asc
Description: OpenPGP digital signature
_______________________________________________ pkg-kde-extras mailing list pkg-kde-extras@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/pkg-kde-extras
