Your message dated Fri, 01 Jan 2016 15:47:10 +0000
with message-id <e1af1v4-00012x...@franck.debian.org>
and subject line Bug#807801: fixed in quassel 1:0.10.0-2.3+deb8u2
has caused the Debian Bug report #807801,
regarding CVE-2015-8547: quassel: op command denial of service vulnerability
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
807801: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=807801
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Package: quassel
Version: 1:0.12.2-2
Severity: important
Tags: security

Hi,

the following vulnerability was published for Quassel.

CVE-2015-8547: remotely triggerable DoS by any client on a Quassel core

If you fix the vulnerability please also make sure to include the
CVE (Common Vulnerabilities & Exposures) id in your changelog entry.

For further information see:

https://security-tracker.debian.org/tracker/CVE-2015-8547
https://github.com/quassel/quassel/commit/b8edbda019eeb99da8663193e224efc9d1265dc7

Please adjust the affected versions in the BTS as needed.

- -- 
Henri Salo
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iQIbBAEBAgAGBQJWbSElAAoJECet96ROqnV0Qc8P9RRgUu3nA1U50qDiHkWBQu2d
t/AzoalX8bQe+6iNM6hJpwr4+0ipvhIzwVEBdtsImfzMGsEeoIh6xiswNjIovLKS
DUxTv2mnMDFbx5HAHXc8wKYsNRwaTeW1/kZHLZRczrydZJlPvW+J3WVh2Iri+Nz3
zZWAfYFViL2vCEcR50xOEoE1vnfhxwRUgOYRLXO4VY59q1Ri9imqp8OZOYW5nN/x
EXOYA2ZxIQhOh8/pDHHHxgP84+z3E2fXT5uyRDN1B7SUEF5eU2bnLO07sTgseqgm
UyEfNAH1H3WejIjwVMp9svKG8jUNSleO5CLSpFTmJTj6IYNsj664qNz/2qQaCpu1
dIGMW1lmyehHVVkkC7oACgdogakDZS9KHGNYHj3ZBM+6PyU/Hj1e4EE3thJwe5eX
YDWsZJe2LXxEYBuHxQnJPKft7aTmo9bQXFMHcEgjgKWquARIPl4CI7B0rPr+j3Nr
lrKBYMnyylnCrarFIcmtg+H1kzgI+OsH+8K+g6y7eWamN89taph37w11Hr4EuJib
C7LrKAwo4NVrRSXVqP319tPQ3HXmHvf1M4ShcsoE1qBdhT4SQSJ0oj5tYjMmuCIr
q9bPhfA7l3AbVkdeZqmTWb0tVnstBKX+wBCDNDtrzGEJtE9LE7GUV6cNFrfP4xfG
pFXZvvFLdF4ZiDegYOs=
=aVIY
-----END PGP SIGNATURE-----

--- End Message ---
--- Begin Message ---
Source: quassel
Source-Version: 1:0.10.0-2.3+deb8u2

We believe that the bug you reported is fixed in the latest version of
quassel, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 807...@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Pierre Schweitzer <pie...@reactos.org> (supplier of updated quassel package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmas...@ftp-master.debian.org)


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Sun, 13 Dec 2015 11:04:05 +0100
Source: quassel
Binary: quassel-core quassel-client quassel quassel-data quassel-client-kde4 
quassel-kde4 quassel-data-kde4
Architecture: all source
Version: 1:0.10.0-2.3+deb8u2
Distribution: jessie
Urgency: high
Maintainer: Thomas Mueller <thomas.muel...@tmit.eu>
Changed-By: Pierre Schweitzer <pie...@reactos.org>
Closes: 807801
Description: 
 quassel    - distributed IRC client - Qt-based monolithic core+client
 quassel-client - distributed IRC client - Qt-based client component
 quassel-client-kde4 - distributed IRC client - KDE-based client
 quassel-core - distributed IRC client - core component
 quassel-data - distributed IRC client - shared data (Qt version)
 quassel-data-kde4 - distributed IRC client - shared data (KDE4 version)
 quassel-kde4 - distributed IRC client - KDE-based monolithic core+client
Changes:
 quassel (1:0.10.0-2.3+deb8u2) jessie; urgency=high
 .
   * Non-maintainer upload.
   * Fix CVE-2015-8547: remote DoS in quassel core, using /op * command.
     (Closes: #807801)
     - Add debian/patches/CVE-2015-8547.patch, cherry-picked from upstream.
Checksums-Sha1: 
 ac6d467977e0f6620b40897f634257106c618ff9 2386 quassel_0.10.0-2.3+deb8u2.dsc
 5aaaeb6c1f13f485598f9b28ba5cf19f7f613a81 23064 
quassel_0.10.0-2.3+deb8u2.debian.tar.xz
 56558db9a08bd3dca419141b971a2a787cb48ceb 23042 
quassel-data_0.10.0-2.3+deb8u2_all.deb
 6c804495b37a79a6b0b1da8c0a946ed1e3ff00d5 624004 
quassel-data-kde4_0.10.0-2.3+deb8u2_all.deb
Checksums-Sha256: 
 7f4fcbb5ce243ab74867298f42ac3c2cbe944e1c5463c806932a90a0b44a35b8 2386 
quassel_0.10.0-2.3+deb8u2.dsc
 dac4451c9b9fcabd2f5e0b53afdf3a879fe41cb90d91a9e53984bdb31c339d5a 23064 
quassel_0.10.0-2.3+deb8u2.debian.tar.xz
 4837531376475b775d56fa1344811fe91e1e696205e63c68c1711d50212f0f27 23042 
quassel-data_0.10.0-2.3+deb8u2_all.deb
 9657b775d6d543352dd5040a58692eccdcbef47c24cf4f856296c46a20fd1577 624004 
quassel-data-kde4_0.10.0-2.3+deb8u2_all.deb
Files: 
 d7621d4383f8d05bdd6bed1f9e755685 2386 net optional 
quassel_0.10.0-2.3+deb8u2.dsc
 6411d27b24e1677455258cd951d2764b 23064 net optional 
quassel_0.10.0-2.3+deb8u2.debian.tar.xz
 8a5e0cb3206a97d05de05e6deb1f7f43 23042 net optional 
quassel-data_0.10.0-2.3+deb8u2_all.deb
 4e92982c71660643d6932e46394148bf 624004 net optional 
quassel-data-kde4_0.10.0-2.3+deb8u2_all.deb

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iQIcBAEBCgAGBQJWgg0iAAoJEAVMuPMTQ89EeK0P/0UdBpWnSsDDvelQOVTCL6dQ
FP0ty9wiHQsj31K6mzu1VJBpJbfJsgHdJPm8JXMlG8Hbp8i8xk6tnIz22DWxfIAM
hSdIStytzLWqdsZXDJhH8P10q3pW2xoeUMhahOyXMGKe1pFlij5RaXVRk75ThvQT
07p1OqU0LxgBkCFRE14r+87hDqZOPlkbx9ypulrjeHFxi5jzhop2P0DXjopgu3o2
VxX5+IyrAe0omEujS9oO4mee8xZs455GgYBBsxI6VglPpXI8se4glx6+aAzl0sKJ
7A/pPjrjd8wozuBlattmqq2nMMsRmQbSEp7RtbwXZOvA5ZQMo0o2UJLhPr3SYNmb
7qM6a992Rr4VfiAv5YpsHPYlgPwEYcnIspg8Ylh4E9tZbbwJ9jZOdblNAWd9rGMH
gW4pA7JU41US2Yx82HCJtrltmsWyQUkM5kDi/7rS+GGzLVGmwAq9K8UcYJeGB4LG
JtNF/qonHCitee2bDVb4VrrNk41nXqCfXPSav6fX1rWnObVa633QoE8F/X7T4e75
b2QuDAxeca/OCBZIxUypuvXigQjU5UGm+oQXzWDkeIBwvcDb9VnjZyyXtQJGFVBY
jqONveyoBD6bI2h2QWbDcte6SD4Ogd17dvD05xgQc2uA6CKS7J72AM1oHM1URpNg
iOnEOYPCgzdn211Jh09i
=3hJr
-----END PGP SIGNATURE-----

--- End Message ---
_______________________________________________
pkg-kde-extras mailing list
pkg-kde-extras@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/pkg-kde-extras

Reply via email to