Security update for quassel
SUSE Patch
security@suse.de
SUSE Security Team
openSUSE-SU-2015:2345-1
Final
1
1
2015-12-23T09:27:27Z
current
2015-12-23T09:27:27Z
2015-12-23T09:27:27Z
cve-database/bin/generate-cvrf.pl
2017-02-24T01:00:00Z
Security update for quassel
Quassel was updated to fix a remote DoS security issue.
The following vulnerability was fixed:
* CVE-2015-8547: Remote DoS in Quassel core
The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
Copyright SUSE LLC under the Creative Commons License 4.0 with Attribution (CC-BY-4.0)
https://lists.opensuse.org/opensuse-updates/2015-12/msg00099.html
E-Mail link for openSUSE-SU-2015:2345-1
https://www.suse.com/support/security/rating/
SUSE Security Ratings
openSUSE Leap 42.1
quassel-0.12.2-7.1
quassel-base-0.12.2-7.1
quassel-client-0.12.2-7.1
quassel-core-0.12.2-7.1
quassel-mono-0.12.2-7.1
quassel-0.12.2-7.1 as a component of openSUSE Leap 42.1
quassel-base-0.12.2-7.1 as a component of openSUSE Leap 42.1
quassel-client-0.12.2-7.1 as a component of openSUSE Leap 42.1
quassel-core-0.12.2-7.1 as a component of openSUSE Leap 42.1
quassel-mono-0.12.2-7.1 as a component of openSUSE Leap 42.1
The CoreUserInputHandler::doMode function in core/coreuserinputhandler.cpp in Quassel 0.10.0 allows remote attackers to cause a denial of service (application crash) via the "/op *" command in a query.
CVE-2015-8547
openSUSE Leap 42.1:quassel-0.12.2-7.1
openSUSE Leap 42.1:quassel-base-0.12.2-7.1
openSUSE Leap 42.1:quassel-client-0.12.2-7.1
openSUSE Leap 42.1:quassel-core-0.12.2-7.1
openSUSE Leap 42.1:quassel-mono-0.12.2-7.1
moderate
Please Install the update.
https://lists.opensuse.org/opensuse-updates/2015-12/msg00099.html
https://www.suse.com/security/cve/CVE-2015-8547.html
CVE-2015-8547
https://bugzilla.suse.com/958928
SUSE Bug 958928