Bug#809200: marked as done (jessie-pu: package quassel/1:0.10.0-2.3+deb8u1)

[owner@bugs.debian.org (Debian Bug Tracking System)]

Your message dated Sat, 23 Jan 2016 13:57:15 +0000
with message-id <1453557435.1835.52.camel@adam-barratt.org.uk>
and subject line 8.3 point release cleanup
has caused the Debian Bug report #809200,
regarding jessie-pu: package quassel/1:0.10.0-2.3+deb8u1
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact owner@bugs.debian.org
immediately.)


-- 
809200: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=809200
Debian Bug Tracking System
Contact owner@bugs.debian.org with problems

--- Begin Message ---

• To: Debian Bug Tracking System <submit@bugs.debian.org>
• Subject: jessie-pu: package quassel/1:0.10.0-2.3+deb8u1
• From: Pierre Schweitzer <pierre@reactos.org>
• Date: Mon, 28 Dec 2015 09:23:50 +0100
• Message-id: <20151228082350.15577.72073.reportbug@desktop>

Package: release.debian.org
Severity: normal
Tags: jessie
User: release.debian.org@packages.debian.org
Usertags: pu

Dear all,

A security issue was found in quassel-core (CVE-2015-8547), allowing an
authenticated remote client to cause a denial of service.
Given the fact that Quassel isn't widely used in the client/server model
nowadays, the Debian Security Team has asked the issue to be fixed with the
next Jessie point release.

You'll find attached the dsc and the debdiff for the proposed upload against
Jessie.

Cheers

-- System Information:
Debian Release: 8.2
  APT prefers stable-updates
  APT policy: (500, 'stable-updates'), (500, 'stable')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 3.16.0-4-amd64 (SMP w/2 CPU cores)
Locale: LANG=fr_FR.UTF-8, LC_CTYPE=fr_FR.UTF-8 (charmap=UTF-8)

diff -Nru quassel-0.10.0/debian/changelog quassel-0.10.0/debian/changelog
--- quassel-0.10.0/debian/changelog	2015-05-10 16:41:35.000000000 +0200
+++ quassel-0.10.0/debian/changelog	2015-12-28 00:02:39.000000000 +0100
@@ -1,3 +1,12 @@
+quassel (1:0.10.0-2.3+deb8u2) jessie; urgency=high
+
+  * Non-maintainer upload.
+  * Fix CVE-2015-8547: remote DoS in quassel core, using /op * command.
+    (Closes: #807801)
+    - Add debian/patches/CVE-2015-8547.patch, cherry-picked from upstream.
+
+ -- Pierre Schweitzer <pierre@reactos.org>  Sun, 13 Dec 2015 11:04:05 +0100
+
 quassel (1:0.10.0-2.3+deb8u1) jessie-security; urgency=high
 
   * Fix CVE-2015-3427: SQL injection vulnerability in PostgreSQL backend.
diff -Nru quassel-0.10.0/debian/patches/CVE-2015-8547.patch quassel-0.10.0/debian/patches/CVE-2015-8547.patch
--- quassel-0.10.0/debian/patches/CVE-2015-8547.patch	1970-01-01 01:00:00.000000000 +0100
+++ quassel-0.10.0/debian/patches/CVE-2015-8547.patch	2015-12-28 00:02:13.000000000 +0100
@@ -0,0 +1,22 @@
+From 476aaa050f26d6a31494631d172724409e4c569b Mon Sep 17 00:00:00 2001
+From: =?UTF-8?q?Konstantin=20Bl=C3=A4si?= <kblaesi@gmail.com>
+Date: Wed, 21 Oct 2015 03:26:02 +0200
+Subject: [PATCH] Fixes a crash of the core when executing "/op *" in a query.
+
+---
+ src/core/coreuserinputhandler.cpp | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/src/core/coreuserinputhandler.cpp b/src/core/coreuserinputhandler.cpp
+index 7887a92..73aac48 100644
+--- a/src/core/coreuserinputhandler.cpp
++++ b/src/core/coreuserinputhandler.cpp
+@@ -232,7 +232,7 @@ void CoreUserInputHandler::doMode(const BufferInfo &bufferInfo, const QChar& add
+     if (!isNumber || maxModes == 0) maxModes = 1;
+ 
+     QStringList nickList;
+-    if (nicks == "*") { // All users in channel
++    if (nicks == "*" && bufferInfo.type() == BufferInfo::ChannelBuffer) { // All users in channel
+         const QList<IrcUser*> users = network()->ircChannel(bufferInfo.bufferName())->ircUsers();
+         foreach(IrcUser *user, users) {
+             if ((addOrRemove == '+' && !network()->ircChannel(bufferInfo.bufferName())->userModes(user).contains(mode))
diff -Nru quassel-0.10.0/debian/patches/series quassel-0.10.0/debian/patches/series
--- quassel-0.10.0/debian/patches/series	2015-05-05 16:48:55.000000000 +0200
+++ quassel-0.10.0/debian/patches/series	2015-12-28 00:02:13.000000000 +0100
@@ -2,3 +2,4 @@
 CVE-2014-8483.patch
 CVE-2015-2778.patch
 CVE-2015-3427.patch
+CVE-2015-8547.patch

Format: 3.0 (quilt)
Source: quassel
Binary: quassel-core, quassel-client, quassel, quassel-data, quassel-client-kde4, quassel-kde4, quassel-data-kde4
Architecture: any all
Version: 1:0.10.0-2.3+deb8u2
Maintainer: Thomas Mueller <thomas.mueller@tmit.eu>
Homepage: http://www.quassel-irc.org
Standards-Version: 3.9.5
Build-Depends: debhelper (>= 9.20120417), libqt4-dev, cmake, libfontconfig1-dev, libfreetype6-dev, libpng-dev, libsm-dev, libice-dev, libxi-dev, libxrandr-dev, libxrender-dev, zlib1g-dev, libssl-dev, libdbus-1-dev, pkg-kde-tools, kdelibs5-dev, libqca2-dev, qt4-dev-tools, libqtwebkit-dev, libindicate-qt-dev, libdbusmenu-qt-dev
Package-List:
 quassel deb net optional arch=any
 quassel-client deb net optional arch=any
 quassel-client-kde4 deb net optional arch=any
 quassel-core deb net optional arch=any
 quassel-data deb net optional arch=all
 quassel-data-kde4 deb net optional arch=all
 quassel-kde4 deb net optional arch=any
Checksums-Sha1:
 305d56774b1af2a891775a5637174d9048d875a7 2873233 quassel_0.10.0.orig.tar.bz2
 40abd40ac178fdd7ce9d80e5cff83c887b12bb62 23128 quassel_0.10.0-2.3+deb8u2.debian.tar.xz
Checksums-Sha256:
 68228ce23aa3a992add3d00cb1e8b4863d8ca64bea99c881edf6d16ff9ec7c23 2873233 quassel_0.10.0.orig.tar.bz2
 99ea16063c487057409aeed3b805f4f12e0a11b4df087e45f9c4bd503a00dab9 23128 quassel_0.10.0-2.3+deb8u2.debian.tar.xz
Files:
 382466a7790979c172b7d7edf10a2981 2873233 quassel_0.10.0.orig.tar.bz2
 0a6ca72fd93eb30cffdce5ec8d457bd7 23128 quassel_0.10.0-2.3+deb8u2.debian.tar.xz

--- End Message ---

--- Begin Message ---

• To: 783355-done@bugs.debian.org, 784944-done@bugs.debian.org, 787021-done@bugs.debian.org, 787423-done@bugs.debian.org, 791403-done@bugs.debian.org, 792468-done@bugs.debian.org, 792806-done@bugs.debian.org, 793556-done@bugs.debian.org, 794940-done@bugs.debian.org, 796281-done@bugs.debian.org, 797170-done@bugs.debian.org, 797710-done@bugs.debian.org, 798028-done@bugs.debian.org, 798584-done@bugs.debian.org, 798749-done@bugs.debian.org, 798889-done@bugs.debian.org, 798890-done@bugs.debian.org, 798891-done@bugs.debian.org, 798892-done@bugs.debian.org, 798893-done@bugs.debian.org, 798895-done@bugs.debian.org, 799033-done@bugs.debian.org, 799070-done@bugs.debian.org, 799229-done@bugs.debian.org, 799230-done@bugs.debian.org, 799369-done@bugs.debian.org, 799477-done@bugs.debian.org, 799758-done@bugs.debian.org, 799777-done@bugs.debian.org, 800006-done@bugs.debian.org, 800664-done@bugs.debian.org, 800793-done@bugs.debian.org, 800881-done@bugs.debian.org, 801095-done@bugs.debian.org, 801098-done@bugs.debian.org, 801100-done@bugs.debian.org, 801304-done@bugs.debian.org, 801318-done@bugs.debian.org, 801441-done@bugs.debian.org, 801580-done@bugs.debian.org, 801743-done@bugs.debian.org, 801851-done@bugs.debian.org, 801892-done@bugs.debian.org, 802851-done@bugs.debian.org, 802879-done@bugs.debian.org, 802900-done@bugs.debian.org, 802942-done@bugs.debian.org, 803362-done@bugs.debian.org, 803467-done@bugs.debian.org, 803490-done@bugs.debian.org, 803569-done@bugs.debian.org, 803678-done@bugs.debian.org, 803730-done@bugs.debian.org, 804157-done@bugs.debian.org, 804172-done@bugs.debian.org, 804208-done@bugs.debian.org, 804381-done@bugs.debian.org, 804383-done@bugs.debian.org, 804734-done@bugs.debian.org, 804885-done@bugs.debian.org, 805024-done@bugs.debian.org, 805127-done@bugs.debian.org, 805190-done@bugs.debian.org, 805214-done@bugs.debian.org, 805260-done@bugs.debian.org, 805293-done@bugs.debian.org, 805383-done@bugs.debian.org, 805634-done@bugs.debian.org, 805721-done@bugs.debian.org, 805894-done@bugs.debian.org, 806129-done@bugs.debian.org, 806165-done@bugs.debian.org, 806247-done@bugs.debian.org, 806252-done@bugs.debian.org, 806338-done@bugs.debian.org, 806529-done@bugs.debian.org, 806640-done@bugs.debian.org, 807129-done@bugs.debian.org, 807140-done@bugs.debian.org, 807142-done@bugs.debian.org, 807273-done@bugs.debian.org, 807280-done@bugs.debian.org, 807467-done@bugs.debian.org, 807489-done@bugs.debian.org, 807515-done@bugs.debian.org, 807576-done@bugs.debian.org, 807612-done@bugs.debian.org, 807828-done@bugs.debian.org, 807917-done@bugs.debian.org, 808559-done@bugs.debian.org, 808890-done@bugs.debian.org, 809200-done@bugs.debian.org, 809255-done@bugs.debian.org, 809258-done@bugs.debian.org, 809307-done@bugs.debian.org, 809534-done@bugs.debian.org, 809561-done@bugs.debian.org, 809688-done@bugs.debian.org, 809757-done@bugs.debian.org, 809824-done@bugs.debian.org, 810004-done@bugs.debian.org, 810111-done@bugs.debian.org, 810130-done@bugs.debian.org, 810542-done@bugs.debian.org, 810760-done@bugs.debian.org, 810887-done@bugs.debian.org, 811132-done@bugs.debian.org, 811320-done@bugs.debian.org, 792779-done@bugs.debian.org
• Subject: 8.3 point release cleanup
• From: "Adam D. Barratt" <adam@adam-barratt.org.uk>
• Date: Sat, 23 Jan 2016 13:57:15 +0000
• Message-id: <1453557435.1835.52.camel@adam-barratt.org.uk>

Version: 8.3

Hi,

The updates referred to in these bugs were included in today's 8.3
Jessie point release.

Regards,

Adam

--- End Message ---