[Bug 1731797] Re: [CVE] Crash in IRC message parsing
Whoops, this was fixed in the PPA a while ago. Marking as such. ** Changed in: kubuntu-ppa Status: In Progress => Fix Released -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1731797 Title: [CVE] Crash in IRC message parsing To manage notifications about this bug go to: https://bugs.launchpad.net/kubuntu-ppa/+bug/1731797/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1731797] Re: [CVE] Crash in IRC message parsing
I'm unsubscribing ubuntu-security-sponsors since the archive updates have all been sponsored. Thanks! -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1731797 Title: [CVE] Crash in IRC message parsing To manage notifications about this bug go to: https://bugs.launchpad.net/kubuntu-ppa/+bug/1731797/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1731797] Re: [CVE] Crash in IRC message parsing
This bug was fixed in the package konversation - 1.6-0ubuntu1.1 --- konversation (1.6-0ubuntu1.1) xenial-security; urgency=high * SECURITY UPDATE: Crash in IRC message parsing (LP: #1731797): - CVE-2017-15923.patch: ensure integer overflow has not happened - CVE-2017-15923 - https://www.kde.org/info/security/advisory-20171112-1.txt -- Simon QuigleyTue, 21 Nov 2017 14:21:46 -0800 ** Changed in: konversation (Ubuntu Xenial) Status: In Progress => Fix Released -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1731797 Title: [CVE] Crash in IRC message parsing To manage notifications about this bug go to: https://bugs.launchpad.net/kubuntu-ppa/+bug/1731797/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1731797] Re: [CVE] Crash in IRC message parsing
This bug was fixed in the package konversation - 1.7.2-1ubuntu1.1 --- konversation (1.7.2-1ubuntu1.1) artful-security; urgency=high * SECURITY UPDATE: Crash in IRC message parsing (LP: #1731797): - CVE-2017-15923.patch: ensure integer overflow has not happened - CVE-2017-15923 - https://www.kde.org/info/security/advisory-20171112-1.txt -- Simon QuigleyTue, 21 Nov 2017 11:34:38 -0800 ** Changed in: konversation (Ubuntu Artful) Status: In Progress => Fix Released -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1731797 Title: [CVE] Crash in IRC message parsing To manage notifications about this bug go to: https://bugs.launchpad.net/kubuntu-ppa/+bug/1731797/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1731797] Re: [CVE] Crash in IRC message parsing
This bug was fixed in the package konversation - 1.6.2-0ubuntu1.1 --- konversation (1.6.2-0ubuntu1.1) zesty-security; urgency=high * SECURITY UPDATE: Crash in IRC message parsing (LP: #1731797): - CVE-2017-15923.patch: ensure integer overflow has not happened - CVE-2017-15923 - https://www.kde.org/info/security/advisory-20171112-1.txt -- Simon QuigleyTue, 21 Nov 2017 14:23:02 -0800 -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1731797 Title: [CVE] Crash in IRC message parsing To manage notifications about this bug go to: https://bugs.launchpad.net/kubuntu-ppa/+bug/1731797/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1731797] Re: [CVE] Crash in IRC message parsing
This bug was fixed in the package konversation - 1.5-1ubuntu1.14.04.2 --- konversation (1.5-1ubuntu1.14.04.2) trusty-security; urgency=high * SECURITY UPDATE: Crash in IRC message parsing (LP: #1731797): - kubuntu_03_CVE-2017-15923.diff: ensure integer overflow has not happened - CVE-2017-15923 - https://www.kde.org/info/security/advisory-20171112-1.txt -- Simon QuigleyTue, 21 Nov 2017 15:11:10 -0800 ** Changed in: konversation (Ubuntu Trusty) Status: In Progress => Fix Released ** Changed in: konversation (Ubuntu Zesty) Status: In Progress => Fix Released -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1731797 Title: [CVE] Crash in IRC message parsing To manage notifications about this bug go to: https://bugs.launchpad.net/kubuntu-ppa/+bug/1731797/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1731797] Re: [CVE] Crash in IRC message parsing
Thanks Simon, I'm looking at these now. ** Changed in: konversation (Ubuntu Artful) Assignee: Simon Quigley (tsimonq2) => Steve Beattie (sbeattie) ** Changed in: konversation (Ubuntu Zesty) Assignee: Simon Quigley (tsimonq2) => Steve Beattie (sbeattie) ** Changed in: konversation (Ubuntu Xenial) Assignee: Simon Quigley (tsimonq2) => Steve Beattie (sbeattie) ** Changed in: konversation (Ubuntu Trusty) Assignee: Simon Quigley (tsimonq2) => Steve Beattie (sbeattie) -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1731797 Title: [CVE] Crash in IRC message parsing To manage notifications about this bug go to: https://bugs.launchpad.net/kubuntu-ppa/+bug/1731797/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1731797] Re: [CVE] Crash in IRC message parsing
I uploaded debdiffs and dsc files with the patch applied here: http://people.ubuntu.com/~tsimonq2/.cves/konversation/ I have tested each package on each respective Kubuntu release, and they work without regresssions and fix the problem. -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1731797 Title: [CVE] Crash in IRC message parsing To manage notifications about this bug go to: https://bugs.launchpad.net/kubuntu-ppa/+bug/1731797/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1731797] Re: [CVE] Crash in IRC message parsing
Packages are available for testing in ppa:tsimonq2/security-builds and in ppa:kubuntu-ppa/backports-landing. More details are available here: https://lists.ubuntu.com/archives/kubuntu- devel/2017-November/011487.html -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1731797 Title: [CVE] Crash in IRC message parsing To manage notifications about this bug go to: https://bugs.launchpad.net/kubuntu-ppa/+bug/1731797/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1731797] Re: [CVE] Crash in IRC message parsing
** Changed in: konversation (Ubuntu Trusty) Status: Triaged => In Progress ** Changed in: konversation (Ubuntu Xenial) Status: Triaged => In Progress ** Changed in: konversation (Ubuntu Artful) Status: Triaged => In Progress ** Changed in: konversation (Ubuntu Zesty) Status: Triaged => In Progress ** Changed in: kubuntu-ppa Status: Triaged => In Progress -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1731797 Title: [CVE] Crash in IRC message parsing To manage notifications about this bug go to: https://bugs.launchpad.net/kubuntu-ppa/+bug/1731797/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs