Mageia Bugzilla – Bug 11443
quassel new security issue CVE-2013-4422
Last modified: 2013-10-17 22:06:38 CEST
A CVE was assigned for a security issue fixed in quassel 0.9.1:
Updated packages uploaded for Mageia 3 and Cauldron.
Mageia 2 is not affected, as it has Qt 4.8.4.
Updated quassel packages fix security vulnerability:
Quassel IRC before 0.9.1 is vulnerable to SQL injection if used with Qt 4.8.5,
due to a change in Qt's postgres driver, allowing other IRC users to trick the
Quassel core into executing SQL queries (CVE-2013-4422).
This update provides Quassel 0.9.1, which fixes this and several other issues.
Updated packages in core/updates_testing:
Steps to Reproduce:
Testing complete mga3 32 & 64
Validating. Advisory uploaded.
Could sysadmin please push from 3 core/updates_testing to updates