Overview Details Repositories Revisions Requests Users Attributes Meta
Security update for quassel

This update for quassel fixes the following issues:

Security fixes (boo#1090495):

- CVE-2018-1000178: A heap metadata corruption in qdatastream could have been
exploited to launch an unauthenticated remote code execution

- CVE-2018-1000179: A remote attacker could have caused a Denial of Service attack
by initiating login attempts before the core got initialized

The following tracked packaging change is included:

- boo#1069468: no longer use /var/adm/fillup-templates

This update also includes various small bug fixes in the upstream 0.12.4 release.

Fixed bugs
bnc#1090495
VUL-0: quassel: Corruption of heap metadata leading to preauth remote code execution and DOS
bnc#1069468
Packages should no longer use /var/adm/fillup-templates
CVE-2018-1000178
CVE-2018-1000179
Selected Binaries
openSUSE Build Service is sponsored by
Places