Hi Pierre,

On Sun, Jun 05, 2016 at 01:34:53PM +0200, Pierre Schweitzer wrote:
> Dear all,
> The CVE 2016-4414 was identified earlier in Quassel, which allows an
> unauthenticated remote DoS in quassel-core. Its associated bug report in
> Debian BTS is: #826402.
> Please find attached a debdiff & dsc that address the backport for
> fixing the vulnerability in Jessie.
> Please, note that due 'compilation' issues (Quassel build for jessie
> isn't C++11 ready), I removed cosmetic change from the cherrypicked
> commit (return 0 -> return nullptr) and only kept functional changes.
> Would you be able to sponsor the upload, as I can't?
> Thanks for your help.

Thanks for preparing the update. As the issue is 'no-dsa', you first
need to get an ack from the stable release managers. There is
documentation here, hope it helps:


Hope then someone of the maintainers of src:quassel can sponsor your
upload (preferred), if not please let me know.

Regards and thanks!

pkg-kde-extras mailing list

Reply via email to