[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Bug#641062: pu: package quassel/0.6.3-2

tag 641062 + squeeze confirmed

On Sat, 2011-09-10 at 00:54 +0200, Thomas Mueller wrote:
> A security issue within quassel was reported:
> http://security-tracker.debian.org/tracker/TEMP-0640960-84D05E

This is now CVE-2011-3354.

> The quassel chat server can crash in case of some requests:
> http://bugs.quassel-irc.org/issues/1095
> This issue has been discussed with SecurityTeam on IRC with pabs.
> We agreed to do a regular stable upload as the criticality is not that high.
> Upstream provided a fix with 0.7.3, which has already been accepted in unstable.
> Backport of the fix to 0.6.3 has been finished and is ready for upload to stable.
> Please find the debdiff attached.

Please go ahead; thanks.



Reply to: