[ubuntu/trusty-security] quassel 0.10.0-0ubuntu2.2 (Accepted)
Steve Beattie
sbeattie at ubuntu.com
Mon May 4 23:30:31 UTC 2015
quassel (0.10.0-0ubuntu2.2) trusty-security; urgency=medium
* SECURITY UPDATE: stack consumption vulnerability in message splitting code
- debian/patches/CVE-2015-2778.patch: original patch from Michael Marley,
backported by Steinar H. Gunderson
- CVE-2015-2778 and CVE-2015-2779
* SECURITY UPDATE: SQL injection vulnerability in PostgreSQL backend
- debian/patches/CVE-2015-3427.patch: upstream patch
- CVE-2015-3427
- original issue was CVE-2013-4422 which had an incomplete fix
- LP: #1448911
Date: 2015-05-04 22:30:13.466455+00:00
Changed-By: Felix Geyer <debfx-pkg at fobos.de>
Signed-By: Steve Beattie <sbeattie at ubuntu.com>
https://launchpad.net/ubuntu/+source/quassel/0.10.0-0ubuntu2.2
-------------- next part --------------
Sorry, changesfile not available.
More information about the Trusty-changes
mailing list