* SECURITY UPDATE: stack consumption vulnerability in message splitting code
- debian/patches/CVE-2015-2778.patch: original patch from Michael Marley,
backported by Steinar H. Gunderson
- CVE-2015-2778 and CVE-2015-2779
* SECURITY UPDATE: SQL injection vulnerability in PostgreSQL backend
- debian/patches/CVE-2015-3427.patch: upstream patch
- CVE-2015-3427
- original issue was CVE-2013-4422 which had an incomplete fix
- LP: #1448911
-- Felix Geyer <email address hidden> Fri, 01 May 2015 18:30:44 +0200
This bug was fixed in the package quassel - 0.10.0-0ubuntu2.2
---------------
quassel (0.10.0-0ubuntu2.2) trusty-security; urgency=medium
* SECURITY UPDATE: stack consumption vulnerability in message splitting code patches/ CVE-2015- 2778.patch: original patch from Michael Marley, patches/ CVE-2015- 3427.patch: upstream patch
- debian/
backported by Steinar H. Gunderson
- CVE-2015-2778 and CVE-2015-2779
* SECURITY UPDATE: SQL injection vulnerability in PostgreSQL backend
- debian/
- CVE-2015-3427
- original issue was CVE-2013-4422 which had an incomplete fix
- LP: #1448911
-- Felix Geyer <email address hidden> Fri, 01 May 2015 18:30:44 +0200