Debian Security Advisory 3258-1

Debian Security Advisory 3258-1: Posted May 13, 2015; Authored by Debian | Site debian.org; Debian Linux Security Advisory 3258-1 - It was discovered that the fix for CVE-2013-4422 in quassel, a distributed IRC client, was incomplete. This could allow remote attackers to inject SQL queries after a database reconnection (e.g. when the backend PostgreSQL server is restarted).; tags | advisory, remote; systems | linux, debian; advisories | CVE-2015-3427; SHA-256 | c1488d5b679bb37964f56066e2997ee17a65e2d88a594c168274f880f940141d; Download | Favorite | View

Debian Security Advisory 3258-1

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- -------------------------------------------------------------------------
Debian Security Advisory DSA-3258-1                   security@debian.org
http://www.debian.org/security/                        Alessandro Ghedini
May 12, 2015                           http://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package        : quassel
CVE ID         : CVE-2015-3427
Debian Bug     : 783926

It was discovered that the fix for CVE-2013-4422 in quassel, a
distributed IRC client, was incomplete. This could allow remote
attackers to inject SQL queries after a database reconnection (e.g.
when the backend PostgreSQL server is restarted).

For the stable distribution (jessie), this problem has been fixed in
version 1:0.10.0-2.3+deb8u1.

For the testing distribution (stretch), this problem has been fixed in
version 1:0.10.0-2.4.

For the unstable distribution (sid), this problem has been fixed in
version 1:0.10.0-2.4.

We recommend that you upgrade your quassel packages.

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/

Mailing list: debian-security-announce@lists.debian.org
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iQIcBAEBCgAGBQJVUldBAAoJEK+lG9bN5XPLS9wQAJe3WkLcWOYZkAaATpzGP8NX
cILGuG0lfyka7G2KJqLORd2rfF0GSVcu1FjtWaJ9v2/bUhjIziC1SHDuZ/1AndSi
0d15420cYMvbiE3eL2CqZzdv7Ac2VJ3LKsjHVzHMA5KJMV6wNtj3vPrpBqJHjpDj
Mg6BB5dRpdglohhb0x+3Ka/lff0awhRVJj6+iiCvtAOTqoMNqb6hykokqk7KY2s7
NMJ6Nsc08e+qKTl5yVVMSsY5nhPErvLzAS1SqSx5bLQYeHhDTRrblkHv99N9uewm
Q6OBPBS6Mn9RRFeC6Fqt8mEXw7ni3GFDbp30Ewxb4ynIbPFzz3q/vdIcrMiELz3x
Zh3Q6X70kmVNZFoPHLOqXydPHGK/N1dLlU5lOEE/XmVUkfSVB7VMINLR0e8vscoB
IiNWqPRg8yDW57IODXnijYtA7DTWnJa0LmEnbwTSteNHtx/u9rNyxLp4qElB6AxR
Q/cf6DaHkrXZ67/h2m4jVx6Ti8kYLEd5NRZSCcDQzZA8XkPcG8wNFJy4XjPjnwJz
jv/yXAChD/7LKI4pkIN+2SCHGFK78w9E3KOSM1E1Kav6nLlsDRs4u4M0d538h/Ra
oW/jr2zXdvVxArje4CQXQn4zcGFFbIkPjgrMn5YG+ViBlF+1UoKv4LDj2Ic4ftZw
P6ZxFH1JJMJIwpUcbjjV
=kvEl
-----END PGP SIGNATURE-----

Top Authors In Last 30 Days

Red Hat 270 files
indoushka 152 files
Jay Turla 150 files
Ubuntu 68 files
h00die 54 files
juan vazquez 43 files
sinn3r 41 files
H D Moore 31 files
Debian 27 files
Karn Ganeshen 23 files

File Archives

Systems

AIX (429)
Apple (2,104)
BSD (378)
CentOS (61)
Cisco (1,954)
Debian (7,117)
Fedora (1,693)
FreeBSD (1,247)
Gentoo (4,567)
HPUX (880)
iOS (387)
iPhone (108)
IRIX (220)
Juniper (71)
Linux (51,066)
Mac OS X (696)
Mandriva (3,105)
NetBSD (256)
OpenBSD (489)
RedHat (16,731)
Slackware (941)
Solaris (1,614)
SUSE (1,444)
Ubuntu (9,807)
UNIX (9,449)
UnixWare (187)
Windows (6,762)
Other

Debian Security Advisory 3258-1

Debian Security Advisory 3258-1

File Archive:

September 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems

Debian Security Advisory 3258-1

Share This

Debian Security Advisory 3258-1

File Archive:

September 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems