remote DoS
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
| Lucid Backports |
Undecided
|
Scott Kitterman | ||
| maverick-backports |
Fix Released
|
Undecided
|
Scott Kitterman | |
| quassel (Ubuntu) |
Medium
|
Scott Kitterman | ||
| Lucid |
Medium
|
Jamie Strandboge | ||
| Maverick |
Medium
|
Jamie Strandboge | ||
| Natty |
Medium
|
Jamie Strandboge | ||
| Oneiric |
Medium
|
Scott Kitterman |
Bug Description
From http://
"CtcpParser:
certain CTCP requests correctly, allowing a remote attacker connected to the
same IRC network as the victim to cause a Denial of Service condition by
sending specially crafted CTCP requests. This was demonstrated in various
exploits on freenode today."
This is fixed in 0.7.3.
CVE References
visibility: | private → public |
Changed in quassel (Ubuntu Oneiric): | |
assignee: | nobody → Scott Kitterman (kitterman) |
status: | New → Fix Released |
importance: | Undecided → Medium |
Changed in quassel (Ubuntu Lucid): | |
status: | New → In Progress |
importance: | Undecided → Medium |
assignee: | nobody → Jamie Strandboge (jdstrand) |
Changed in quassel (Ubuntu Maverick): | |
status: | New → In Progress |
importance: | Undecided → Medium |
assignee: | nobody → Jamie Strandboge (jdstrand) |
Changed in quassel (Ubuntu Natty): | |
status: | New → In Progress |
importance: | Undecided → Medium |
assignee: | nobody → Jamie Strandboge (jdstrand) |
Changed in quassel (Ubuntu Lucid): | |
status: | In Progress → Fix Committed |
Changed in quassel (Ubuntu Maverick): | |
status: | In Progress → Fix Committed |
Changed in quassel (Ubuntu Natty): | |
status: | In Progress → Fix Committed |
Jamie Strandboge (jdstrand) wrote : | #1 |
Scott Kitterman (kitterman) wrote : | #2 |
quassel (0.7.2-
* No change backport from ubuntu-
Date: Fri, 09 Sep 2011 15:40:05 -0400
Changed-By: Scott Kitterman <email address hidden>
Maintainer: Ubuntu Developers <email address hidden>
https:/
Changed in maverick-backports: | |
status: | New → Fix Released |
Scott Kitterman (kitterman) wrote : | #3 |
quassel (0.7.2-
* No change backport from ubuntu-
Date: Fri, 09 Sep 2011 15:40:05 -0400
Changed-By: Scott Kitterman <email address hidden>
Maintainer: Ubuntu Developers <email address hidden>
https:/
Changed in lucid-backports: | |
status: | New → Fix Released |
assignee: | nobody → Scott Kitterman (kitterman) |
Changed in maverick-backports: | |
assignee: | nobody → Scott Kitterman (kitterman) |
Launchpad Janitor (janitor) wrote : | #4 |
This bug was fixed in the package quassel - 0.6.1-0ubuntu1.2
---------------
quassel (0.6.1-0ubuntu1.2) lucid-security; urgency=low
* SECURITY UPDATE: DoS in CTCP parser (LP: #845707)
- debian/
quotedReply to use QByteArray.append()
- CVE-2011-XXXX
-- Jamie Strandboge <email address hidden> Fri, 09 Sep 2011 10:41:22 -0500
Changed in quassel (Ubuntu Lucid): | |
status: | Fix Committed → Fix Released |
Launchpad Janitor (janitor) wrote : | #5 |
This bug was fixed in the package quassel - 0.7.1-0ubuntu1.1
---------------
quassel (0.7.1-0ubuntu1.1) maverick-security; urgency=low
* SECURITY UPDATE: DoS in CTCP parser (LP: #845707)
- debian/
quotedReply to use QByteArray.append()
- CVE-2011-XXXX
-- Jamie Strandboge <email address hidden> Fri, 09 Sep 2011 10:36:15 -0500
Changed in quassel (Ubuntu Maverick): | |
status: | Fix Committed → Fix Released |
Launchpad Janitor (janitor) wrote : | #6 |
This bug was fixed in the package quassel - 0.7.2-0ubuntu2.2
---------------
quassel (0.7.2-0ubuntu2.2) natty-security; urgency=low
* SECURITY UPDATE: DoS in CTCP parser (LP: #845707)
- debian/
quotedReply to use QByteArray.append()
- CVE-2011-XXXX
-- Jamie Strandboge <email address hidden> Fri, 09 Sep 2011 10:26:10 -0500
Changed in quassel (Ubuntu Natty): | |
status: | Fix Committed → Fix Released |
These have been uploaded to https:/ /launchpad. net/~ubuntu- security- proposed/ +archive/ ppa/+packages.