A CVE was assigned for a DoS issue fixed in quassel 0.12.4:
Already done for Cauldron.
Can I update to 0.12.4 upstream release for mga5 too?
(In reply to David GEIGER from comment #1)
> Already done for Cauldron.
> Can I update to 0.12.4 upstream release for mga5 too?
Upstream patch here should work:
It doesn't build anymore with this upstream patch:
/home/david/mgarepo/quassel/BUILD/quassel-0.10.1/src/common/peerfactory.cpp:59:5: warning: identifier 'nullptr' is a keyword in C++11 [-Wc++0x-compat]
/home/david/mgarepo/quassel/BUILD/quassel-0.10.1/src/common/peerfactory.cpp: In static member function 'static RemotePeer* PeerFactory::createPeer(const ProtoList&, AuthHandler*, QTcpSocket*, Compressor::CompressionLevel, QObject*)':
/home/david/mgarepo/quassel/BUILD/quassel-0.10.1/src/common/peerfactory.cpp:59:12: error: 'nullptr' was not declared in this scope
/home/david/mgarepo/quassel/BUILD/quassel-0.10.1/src/common/peerfactory.cpp:60:1: error: control reaches end of non-void function [-Werror=return-type]
cc1plus: some warnings being treated as errors
src/common/CMakeFiles/mod_common.dir/build.make:823: recipe for target 'src/common/CMakeFiles/mod_common.dir/peerfactory.cpp.o' failed
make: *** [src/common/CMakeFiles/mod_common.dir/peerfactory.cpp.o] Error 1
make: *** Waiting for unfinished jobs....
I don't see how 0.12.4 would compile then either. I don't see anything in the SPEC that indicates that it's compiling it differently, and the nullptr thing appears to have first been introduced into quassel code on Sept 21 and they didn't have to do anything special to make it work. Maybe our older compiler in Mageia 5 just doesn't like it and needs a special argument for it to work.
On my local mga5 x86_64 machine, the 0.12.4 release compiles fine but the 0.10.1 release with the new patch doesn't build.
That makes no sense. It's not like nullptr is declared somewhere. I wonder if there's something in a cmake file or something in 0.12.4 that changes compiler flags. Can you compare the compiler flags used between the two builds?
So ok done now for mga5!
I have to force-enable C++11 support in the CMakeLists file.
quassel-0.10.1-5.2.mga5 landed in 5 core/updates_testing over 3 hours ago
However, this bug isn't assigned to the QA team yet, and is still missing an advisory and package list (and maybe a PoC?)
I'm not aware of a public PoC, but I don't know if the initial bug report is.
Updated quassel packages fix security vulnerability:
It was found that quasselcore is vulnerable to a denial of service attack by
unauthenticated clients. The protocol negotiation did not take into account
lack of a match in handshake data, in which case PeerFactory::createPeer
returns a nullptr, which is immediately dereferenced (CVE-2016-4414).
Updated packages in core/updates_testing:
Linux localhost 4.1.15-desktop-2.mga5 #1 SMP Wed Jan 20 17:05:51 UTC 2016 x86_64 x86_64 x86_64 GNU/Linux
Package quassel-0.10.1-5.2.mga5.x86_64 is already installed
Able to connect to Freenode and #mageia channel
[21:04:40] <-> You are now known as Guest30435
[21:04:46] <-> You are now known as brian__
[21:04:49] <brian__> Hi Testing Quassel0.10.1-5.2
[21:04:54] <brian__> anyone out there?
[21:08:08] <brian__> I'll assume this is working since I can see the connection and posts.
working as designed.
working as designed in 586
Linux localhost 4.1.15-desktop-2.mga5 #1 SMP Wed Jan 20 17:37:30 UTC 2016 i686 i686 i686 GNU/Linux
Package quassel-0.10.1-5.2.mga5.i586 is already installed
[21:24:25] <brian_> testing quassel 0.10.1.5.2
[21:27:49] <rindolf> brian_: hi.
[21:27:50] <brian_> i586 test - seems to be posting
working as designed.
MGA5-64-OK MGA5-32-OK => has_procedure advisory MGA5-64-OK MGA5-32-OK
An update for this issue has been pushed to the Mageia Updates repository.
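
The failure mode described in the advisory above (a peer factory that returns nullptr when the handshake data contains no matching protocol, and a caller that has to check the result before using it), shown as an added C++ example that is not Quassel's code. The types, protocol ids and function bodies are a hypothetical, simplified model.

```cpp
#include <cstdint>
#include <memory>
#include <string>
#include <vector>

// Hypothetical, simplified model; not Quassel's classes or wire format.
enum class Proto : uint8_t { Legacy = 1, DataStream = 2 };

struct Peer {
    Proto proto;
    std::string describe() const {
        return proto == Proto::Legacy ? "legacy" : "datastream";
    }
};

// Returns a peer for the first offered protocol the server supports, or
// nullptr when the client's offer list contains no match at all.
std::unique_ptr<Peer> createPeer(const std::vector<uint8_t>& offered) {
    for (uint8_t id : offered) {
        if (id == static_cast<uint8_t>(Proto::Legacy) ||
            id == static_cast<uint8_t>(Proto::DataStream))
            return std::unique_ptr<Peer>(new Peer{static_cast<Proto>(id)});
    }
    return nullptr;  // no match: the caller must handle this
}

enum class Outcome { Accepted, Rejected };

// Handshake handler for an unauthenticated connection. Without the null
// check, peer->describe() would dereference nullptr and crash the process.
Outcome handleHandshake(const std::vector<uint8_t>& offered, std::string& selected) {
    std::unique_ptr<Peer> peer = createPeer(offered);
    if (!peer) {
        selected.clear();
        return Outcome::Rejected;  // drop the connection instead of crashing
    }
    selected = peer->describe();
    return Outcome::Accepted;
}

int main() {
    std::string sel;
    // Constructed inputs: a supported offer, unknown ids only, an empty offer.
    bool ok = handleHandshake({9, 2}, sel) == Outcome::Accepted && sel == "datastream";
    ok = ok && handleHandshake({7, 9}, sel) == Outcome::Rejected && sel.empty();
    ok = ok && handleHandshake({}, sel) == Outcome::Rejected;
    return ok ? 0 : 1;
}
```

Because the example uses nullptr, it needs a C++11-capable compiler mode, which is the same requirement that broke the 0.10.1 backport build discussed in the thread.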