Debian Security Advisory
DSA-3063-1 quassel -- security update
- Date Reported:
- 02 Nov 2014
- Affected Packages:
- Security database references:
- In the Debian bugtracking system: Bug 766962.
In Mitre's CVE dictionary: CVE-2014-8483.
- More information:
An out-of-bounds read vulnerability was discovered in Quassel-core, one of the components of the distributed IRC client Quassel. An attacker can send a crafted message that crash to component causing a denial of services or disclosure of information from process memory.
For the stable distribution (wheezy), this problem has been fixed in version 0.8.0-1+deb7u3.
For the unstable distribution (sid), this problem has been fixed in version 0.10.0-2.1 (will be available soon).
We recommend that you upgrade your quassel packages.