Bug#896914: quassel: Implement custom deserializer to add our own sanity checks

2018-04-27 Thread Scott Kitterman
I'm running the patched quassel core on Stretch and it is working fine.

Scott K



Bug#896914: quassel: Implement custom deserializer to add our own sanity checks

2018-04-25 Thread Salvatore Bonaccorso
Hi Felix!

On Wed, Apr 25, 2018 at 11:28:53PM +0200, Felix Geyer wrote:
> Hi,
> 
> On Wed, 25 Apr 2018 20:58:52 +0200 Salvatore Bonaccorso wrote:
> > Source: quassel
> > Version: 1:0.12.4-1
> > Severity: normal
> > Tags: patch security upstream
> > Control: fixed -1 1:0.12.5-1
> > 
> > Hi Felix,
> > 
> > Filing this as a bug to have an identifier, since no CVE has been
> > assigned.
> > 
> > https://www.quassel-irc.org/node/130
> > 
> > Commit "Implement custom deserializer to add our own sanity checks":
> > 
> > https://github.com/quassel/quassel/commit/18389a713a6810f57ab237b945e8ee03df857b8b
> 
> I'm working on updates for jessie and stretch.
> 
> Backporting to stretch is easy.
> jessie requires a bit more work as the patch uses quite some C++11 features
> which aren't enabled in 0.10.

Thank you, please just notify team@s.d.o when you have something
ready.

Thanks for working on it.

Regards,
Salvatore



Bug#896914: [Pkg-kde-extras] Bug#896914: quassel: Implement custom deserializer to add our own sanity checks

2018-04-25 Thread Scott Kitterman
Issue descriptions from Gentoo (input for DSA text).  I'm not sure issue 2 is 
really a security issue.

Vuln 1:
Title: quasselcore, corruption of heap metadata caused by qdatastream
leading to preauth remote code execution.
Severity: high, by default the server port is publicly open and the address
can be requested using the /WHOIS command of IRC protocol.
Description: In the Qdatastream protocol each object is prepended with 4 bytes
for the object size; this can be used to trigger allocation errors.


Vuln 2:
Title: quasselcore DDOS
Severity: low, impacts only a quasselcore that is not configured.
Description: A login attempt causes a NULL pointer dereference when
the database is not initialized.

Scott K
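
The size-prefix issue described under Vuln 1, shown from the defensive side as an added example (not quassel's code and not the upstream patch): a reader that checks the declared 4-byte size against a hard cap and against the bytes actually received before allocating. The names `BoundedReader`, `parseFirst` and `kMaxObjectSize`, the 64 KiB limit and the big-endian byte order are assumptions of this example.

```cpp
#include <cstddef>
#include <cstdint>
#include <vector>

// Hypothetical cap chosen for this example; not a value taken from quassel.
static const uint32_t kMaxObjectSize = 64 * 1024;

enum class ReadStatus { Ok, Truncated, TooLarge };

class BoundedReader {
public:
    BoundedReader(const uint8_t* data, size_t len) : data_(data), len_(len), pos_(0) {}

    // Read one object: 4-byte size prefix (big-endian assumed), then payload.
    // The declared size is validated against a hard cap and against the bytes
    // actually present before anything is allocated or copied.
    ReadStatus readObject(std::vector<uint8_t>& out) {
        size_t left = len_ - pos_;
        if (left < 4) return ReadStatus::Truncated;
        uint32_t n = (uint32_t(data_[pos_]) << 24) | (uint32_t(data_[pos_ + 1]) << 16) |
                     (uint32_t(data_[pos_ + 2]) << 8) | uint32_t(data_[pos_ + 3]);
        if (n > kMaxObjectSize) return ReadStatus::TooLarge;   // attacker-chosen size
        if (n > left - 4) return ReadStatus::Truncated;        // size exceeds input
        pos_ += 4;
        out.assign(data_ + pos_, data_ + pos_ + n);
        pos_ += n;
        return ReadStatus::Ok;
    }

private:
    const uint8_t* data_;
    size_t len_;
    size_t pos_;
};

// Parse the first object of a message buffer.
ReadStatus parseFirst(const std::vector<uint8_t>& msg, std::vector<uint8_t>& out) {
    BoundedReader r(msg.data(), msg.size());
    return r.readObject(out);
}

int main() {
    std::vector<uint8_t> out;
    // Constructed inputs: a valid 3-byte object, and a bare header claiming ~4 GiB.
    std::vector<uint8_t> good = {0, 0, 0, 3, 'a', 'b', 'c'};
    std::vector<uint8_t> huge = {0xFF, 0xFF, 0xFF, 0xFF};
    return (parseFirst(good, out) == ReadStatus::Ok &&
            parseFirst(huge, out) == ReadStatus::TooLarge) ? 0 : 1;
}
```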



Bug#896914: quassel: Implement custom deserializer to add our own sanity checks

2018-04-25 Thread Felix Geyer
Hi,

On Wed, 25 Apr 2018 20:58:52 +0200 Salvatore Bonaccorso wrote:
> Source: quassel
> Version: 1:0.12.4-1
> Severity: normal
> Tags: patch security upstream
> Control: fixed -1 1:0.12.5-1
> 
> Hi Felix,
> 
> Filing this as a bug to have an identifier, since no CVE has been
> assigned.
> 
> https://www.quassel-irc.org/node/130
> 
> Commit "Implement custom deserializer to add our own sanity checks":
> 
> https://github.com/quassel/quassel/commit/18389a713a6810f57ab237b945e8ee03df857b8b

I'm working on updates for jessie and stretch.

Backporting to stretch is easy.
jessie requires a bit more work as the patch uses quite some C++11 features
which aren't enabled in 0.10.

Felix



Bug#896914: quassel: Implement custom deserializer to add our own sanity checks

2018-04-25 Thread Salvatore Bonaccorso
Source: quassel
Version: 1:0.12.4-1
Severity: normal
Tags: patch security upstream
Control: fixed -1 1:0.12.5-1

Hi Felix,

Filing this as a bug to have an identifier, since no CVE has been
assigned.

https://www.quassel-irc.org/node/130

Commit "Implement custom deserializer to add our own sanity checks":

https://github.com/quassel/quassel/commit/18389a713a6810f57ab237b945e8ee03df857b8b

Regards,
Salvatore