Information on source package quassel

Available versions

ReleaseVersion
jessie1:0.10.0-2.3+deb8u4
stretch1:0.12.4-2+deb9u1
buster1:0.13.1-1+deb10u2
bullseye1:0.13.1-5
bookworm1:0.14.0-1
trixie1:0.14.0-2
sid1:0.14.0-2

Open issues

BugjessiestretchbusterbullseyebookwormtrixiesidDescription
CVE-2021-34825vulnerablevulnerable (no DSA)vulnerable (no DSA)vulnerable (no DSA)fixedfixedfixedQuassel through 0.13.1, when --require-ssl is enabled, launches withou ...

Resolved issues

BugDescription
TEMP-0000000-283B1AQuassel: /var/lib/quassel/quasselCert.pem world-readable
CVE-2018-1000179A NULL Pointer Dereference of CWE-476 exists in quassel version 0.12.4 ...
CVE-2018-1000178A heap corruption of type CWE-120 exists in quassel version 0.12.4 in ...
CVE-2016-4414The onReadyRead function in core/coreauthhandler.cpp in Quassel before ...
CVE-2015-8547The CoreUserInputHandler::doMode function in core/coreuserinputhandler ...
CVE-2015-3427Quassel before 0.12.2 does not properly re-initialize the database ses ...
CVE-2015-2779Stack consumption vulnerability in the message splitting functionality ...
CVE-2015-2778Quassel before 0.12-rc1 uses an incorrect data-type size when splittin ...
CVE-2014-8483The blowfishECB function in core/cipher.cpp in Quassel IRC 0.10.0 allo ...
CVE-2013-6404Quassel core (server daemon) in Quassel IRC before 0.9.2 does not prop ...
CVE-2013-4422SQL injection vulnerability in Quassel IRC before 0.9.1, when Qt 4.8.5 ...
CVE-2011-3354The CtcpParser::packedReply method in core/ctcpparser.cpp in Quassel b ...
CVE-2010-3443ctcphandler.cpp in Quassel before 0.6.3 and 0.7.x before 0.7.1 allows ...
CVE-2008-5657CRLF injection vulnerability in Quassel Core before 0.3.0.3 allows rem ...

Security announcements

DSA / DLADescription
DLA-1370-1quassel - security update
DSA-4189-1quassel - security update
DSA-3258-1quassel - security update
DSA-3063-1quassel - security update

Search for package or bug name: Reporting problems