Your message dated Thu, 02 Apr 2015 06:04:05 +0000
with message-id <[email protected]>
and subject line Bug#781024: fixed in quassel 1:0.10.0-2.3
has caused the Debian Bug report #781024,
regarding quassel: Denial of service (CVE-2015-2778 CVE-2015-2779)
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact [email protected]
immediately.)


-- 
781024: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=781024
Debian Bug Tracking System
Contact [email protected] with problems
--- Begin Message ---
Package: quassel
Severity: grave
Tags: security
Justification: user security hole

The following security issue was reported against quassel:
https://github.com/quassel/quassel/commit/b5e38970ffd55e2dd9f706ce75af9a8d7730b1b8

A CVE ID has been requested, but is not yet available, we'll
update the bug once available.

Cheers,
        Moritz

--- End Message ---
--- Begin Message ---
Source: quassel
Source-Version: 1:0.10.0-2.3

We believe that the bug you reported is fixed in the latest version of
quassel, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to [email protected],
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Olly Betts <[email protected]> (supplier of updated quassel package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing [email protected])


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Format: 1.8
Date: Wed, 01 Apr 2015 11:41:28 +1300
Source: quassel
Binary: quassel-core quassel-client quassel quassel-data quassel-client-kde4 
quassel-kde4 quassel-data-kde4
Architecture: source all
Version: 1:0.10.0-2.3
Distribution: unstable
Urgency: high
Maintainer: Thomas Mueller <[email protected]>
Changed-By: Olly Betts <[email protected]>
Description:
 quassel    - distributed IRC client - Qt-based monolithic core+client
 quassel-client - distributed IRC client - Qt-based client component
 quassel-client-kde4 - distributed IRC client - KDE-based client
 quassel-core - distributed IRC client - core component
 quassel-data - distributed IRC client - shared data (Qt version)
 quassel-data-kde4 - distributed IRC client - shared data (KDE4 version)
 quassel-kde4 - distributed IRC client - KDE-based monolithic core+client
Closes: 781024
Changes:
 quassel (1:0.10.0-2.3) unstable; urgency=high
 .
   * Non-maintainer upload with maintainer's permission.
   * Improve the message-splitting algorithm for PRIVMSG and CTCP.  Original
     patch from Michael Marley, backported by Steinar H. Gunderson.  Fixes
     CVE-2015-2778 and CVE-2015-2779.  (Closes: #781024)
Checksums-Sha1:
 b11307116151c1ff96ad3bce07374a6899bbad32 2356 quassel_0.10.0-2.3.dsc
 22f0a53883ee6eb62b8f58a7dc768f15b6b053c3 21780 quassel_0.10.0-2.3.debian.tar.xz
 69592504d27b2c25e3451338a1f90bc705d00d5f 22804 quassel-data_0.10.0-2.3_all.deb
 398682e1a140f2d6be07dabae94c140bf5c4bdb2 625446 
quassel-data-kde4_0.10.0-2.3_all.deb
Checksums-Sha256:
 de6de1e586b9f56454eeed23912d514b15b4564ca47acdaab8b87d9243608a0b 2356 
quassel_0.10.0-2.3.dsc
 cad61ba7b89e6508dc43bcc987e581608bf0e5a21f14453c314553f2be6e1c72 21780 
quassel_0.10.0-2.3.debian.tar.xz
 61ca3b03b60d6b150b17712db346e03878d31401054a51e4cc4bd924d858dcb7 22804 
quassel-data_0.10.0-2.3_all.deb
 e57c933792a0779c92d6608b304ebf33b55e1ef677b81852a6cc4efe459aeb7e 625446 
quassel-data-kde4_0.10.0-2.3_all.deb
Files:
 175fca302884d4c94004d4abb2159a0f 2356 net optional quassel_0.10.0-2.3.dsc
 e53ac5b221e2e50b8c1f7b46362dbc0f 21780 net optional 
quassel_0.10.0-2.3.debian.tar.xz
 0bb473957ca32053454991831ae68037 22804 net optional 
quassel-data_0.10.0-2.3_all.deb
 8750592f8c15398e2701ea09a17c547b 625446 net optional 
quassel-data-kde4_0.10.0-2.3_all.deb

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iQIcBAEBAgAGBQJVHNiGAAoJEBgUewc7rSsHqZoP/2KI5Rtyi4djd2xKVjTPTXkJ
TevVxO9LZf1Xg0SrBGhpjpGvr9RU6axuz7/edLxRlCje73+r+TgwAcBLgGvk5whP
ozjY3JOTWabAtau0BROQpII7aivUZdhJ3CPn5yid4WfSOtN6zdiMMAkCl6Hms4bg
LvrDsSDaVqEtDZqjGgbBJTRmUSM2q/ya3uEqyCDZbpLYf4bhgXfmOH1RnP5xmMgQ
oVR+CoGWq7g0taVSHH88DBQkA3N+XNDW46lbRql/MHgwmQlz2tvXUXAKfNi4JzU+
EWrLu+IVHIzK34J6aLEz/TygnGVsCrt8QdCR0zUtcLfmsp54QCs6SUPyTDUmUvTo
ez0wjrHoRdJgzDE7lyKzq1+YgDfxs6C5OA45ob+63gjlG+AdjREpAVnwMv2XfMC8
R6V+BK8sImFoTxxCd+bDFRxrl1xLLrfG5GlxqooHyfl20rk3Mn/+2BvLlrSy+GO1
l84teylD3LGe1GXD98El+UCd/KzSx/X6tkWTgh6iQZmfmLBLkm43YJRK/5WaMip8
8eW2wFA0nKpRxYsquk8HW84sEmGElxc6WfzHGGW9XkwsvEEIoq6ZLHwXRTQy6AJi
WX5+rtAIE5Vy5sH9/X4bW2dehfxNN05HbMPrJUx2pnakBnzyiIqi+cSPKUUFF4UM
MykHx8ybVFNbIUad/P33
=ACDZ
-----END PGP SIGNATURE-----

--- End Message ---

Reply via email to