Package: quassel | Debian Sources

Package: quassel / 0.8.0-1+deb7u3

Metadata

Package	Version	Patches format
quassel	0.8.0-1+deb7u3	3.0 (quilt)

Patch series

view the series file

Patch	File delta	Description
01_default_network_channel.patch \| (download)	data/networks.ini \| 7 7 + 0 - 0 ! 1 file changed, 7 insertions(+)	debian specific channels are added. Debian IRC server with the default channel #debian is added as well as the #debian-user channel on OFTC.
CVE 2013 6404.patch \| (download)	src/core/SQL/PostgreSQL/16/select_buffer_by_id.sql \| 2 1 + 1 - 0 ! src/core/SQL/PostgreSQL/16/update_network.sql \| 3 2 + 1 - 0 ! src/core/SQL/SQLite/17/select_buffer_by_id.sql \| 2 1 + 1 - 0 ! 3 files changed, 4 insertions(+), 3 deletions(-)	[patch] make sure that clients can't access buffers belonging to other users A manipulated, but properly authenticated client was able to retrieve the backlog of other users on the same core in some cases by providing an appropriate BufferID to the storage engine. Note that proper authentication was still required, so exploiting this requires malicious users on your core. This commit fixes this issue by ensuring that foreign BufferIDs are off-limits.
CVE 2014 8483.patch \| (download)	src/core/cipher.cpp \| 11 10 + 1 - 0 ! 1 file changed, 10 insertions(+), 1 deletion(-)	[patch] check for invalid input in encrypted buffers The ECB Blowfish decryption function assumed that encrypted input would always come in blocks of 12 characters, as specified. However, buggy clients or annoying people may not adhere to that assumption, causing the core to crash while trying to process the invalid base64 input. With this commit we make sure that we're not overstepping the bounds of the input string while decoding it; instead we bail out early and display the original input. Fixes #1314. Thanks to Tucos for finding that one!

Patch

File delta

Description

01_default_network_channel.patch | (download)

data/networks.ini | 7 7 + 0 - 0 !
1 file changed, 7 insertions(+)

 debian specific channels are added.
 Debian IRC server with the default channel #debian is added
 as well as the #debian-user channel on OFTC.

CVE 2013 6404.patch | (download)

src/core/SQL/PostgreSQL/16/select_buffer_by_id.sql | 2 1 + 1 - 0 !
src/core/SQL/PostgreSQL/16/update_network.sql | 3 2 + 1 - 0 !
src/core/SQL/SQLite/17/select_buffer_by_id.sql | 2 1 + 1 - 0 !
3 files changed, 4 insertions(+), 3 deletions(-)

 [patch] make sure that clients can't access buffers belonging to
 other users

A manipulated, but properly authenticated client was able to retrieve
the backlog of other users on the same core in some cases by providing
an appropriate BufferID to the storage engine. Note that proper
authentication was still required, so exploiting this requires
malicious users on your core. This commit fixes this issue by ensuring
that foreign BufferIDs are off-limits.

CVE 2014 8483.patch | (download)

src/core/cipher.cpp | 11 10 + 1 - 0 !
1 file changed, 10 insertions(+), 1 deletion(-)

 [patch] check for invalid input in encrypted buffers

The ECB Blowfish decryption function assumed that encrypted input would
always come in blocks of 12 characters, as specified. However, buggy
clients or annoying people may not adhere to that assumption, causing
the core to crash while trying to process the invalid base64 input.

With this commit we make sure that we're not overstepping the bounds of
the input string while decoding it; instead we bail out early and display
the original input. Fixes #1314.

Thanks to Tucos for finding that one!