A CVE was assigned for a DoS issue fixed in quassel 0.12.4: http://openwall.com/lists/oss-security/2016/04/30/4
Already done for Cauldron. Can I update to 0.12.4 upstream release for mga5 too?
CC: (none) => geiger.david68210
(In reply to David GEIGER from comment #1)
> Already done for Cauldron.
>
> Can I update to 0.12.4 upstream release for mga5 too?

Upstream patch here should work: https://github.com/quassel/quassel/commit/e678873
It doesn't build anymore with this upstream patch:

/home/david/mgarepo/quassel/BUILD/quassel-0.10.1/src/common/peerfactory.cpp:59:5: warning: identifier 'nullptr' is a keyword in C++11 [-Wc++0x-compat]
     return nullptr;
     ^
/home/david/mgarepo/quassel/BUILD/quassel-0.10.1/src/common/peerfactory.cpp: In static member function 'static RemotePeer* PeerFactory::createPeer(const ProtoList&, AuthHandler*, QTcpSocket*, Compressor::CompressionLevel, QObject*)':
/home/david/mgarepo/quassel/BUILD/quassel-0.10.1/src/common/peerfactory.cpp:59:12: error: 'nullptr' was not declared in this scope
     return nullptr;
            ^
/home/david/mgarepo/quassel/BUILD/quassel-0.10.1/src/common/peerfactory.cpp:60:1: error: control reaches end of non-void function [-Werror=return-type]
 }
 ^
cc1plus: some warnings being treated as errors
src/common/CMakeFiles/mod_common.dir/build.make:823: recipe for target 'src/common/CMakeFiles/mod_common.dir/peerfactory.cpp.o' failed
make[2]: *** [src/common/CMakeFiles/mod_common.dir/peerfactory.cpp.o] Error 1
make[2]: *** Waiting for unfinished jobs....
I don't see how 0.12.4 would compile then either. I don't see anything in the SPEC that indicates that it's compiling it differently, and the nullptr thing appears to have first been introduced into quassel code on Sept 21 and they didn't have to do anything special to make it work. Maybe our older compiler in Mageia 5 just doesn't like it and needs a special argument for it to work.
On my local machine (mga5 for x86_64) the 0.12.4 release compiles fine, but the 0.10.1 release with the new patch doesn't build.
That makes no sense. It's not like nullptr is declared somewhere. I wonder if there's something in a cmake file or something in 0.12.4 that changes compiler flags. Can you compare the compiler flags used between the two builds?
So OK, done now for mga5! I have to force enabling C++11 support in the CMakeLists file.
quassel-0.10.1-5.2.mga5 landed in 5 core/updates_testing over 3 hours ago. However, this bug isn't assigned to the QA team yet, and still misses an advisory and package list (and maybe a PoC?)
CC: (none) => marja11
I'm not aware of a public PoC, but I don't know if the initial bug report is.

Advisory:
========================

Updated quassel packages fix security vulnerability:

It was found that quasselcore is vulnerable to a denial of service attack by unauthenticated clients. The protocol negotiation did not take into account lack of a match in handshake data, in which case PeerFactory::createPeer returns a nullptr, which is immediately dereferenced (CVE-2016-4414).

References:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4414
http://openwall.com/lists/oss-security/2016/04/30/4
========================

Updated packages in core/updates_testing:
========================
quassel-0.10.1-5.2.mga5
quassel-common-0.10.1-5.2.mga5
quassel-client-0.10.1-5.2.mga5
quassel-core-0.10.1-5.2.mga5

from quassel-0.10.1-5.2.mga5.src.rpm
Assignee: bugsquad => qa-bugs
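The failure mode named in the advisory (a factory that returns nullptr when the handshake offers no supported protocol, and a caller that must check before use), as an added sketch that is not Quassel's code or the upstream patch. The free function createPeer only borrows its name from the advisory; the types, protocol ids and sample inputs are constructed for illustration.

```cpp
// Added illustration, not Quassel source: a simplified model of the
// negotiation flaw described in the advisory. All names are hypothetical.
#include <cstdint>
#include <memory>
#include <string>
#include <vector>

enum class Proto : uint8_t { Legacy = 1, DataStream = 2 };  // constructed ids

struct Peer {
    Proto proto;
    std::string describe() const {
        return proto == Proto::Legacy ? "legacy" : "datastream";
    }
};

// Factory: first client-offered protocol the core supports, else nullptr.
std::unique_ptr<Peer> createPeer(const std::vector<uint8_t>& offered) {
    for (uint8_t id : offered) {
        if (id == static_cast<uint8_t>(Proto::Legacy) ||
            id == static_cast<uint8_t>(Proto::DataStream))
            return std::unique_ptr<Peer>(new Peer{static_cast<Proto>(id)});
    }
    return nullptr;  // no match in the handshake data
}

enum class HandshakeResult { Accepted, RejectedNoCommonProtocol };

// Hardened handler: the unauthenticated client controls `offered`, so the
// no-match case must be handled before the peer is used.
HandshakeResult handleHandshake(const std::vector<uint8_t>& offered,
                                std::string* chosen) {
    std::unique_ptr<Peer> peer = createPeer(offered);
    if (!peer) {
        // The vulnerable pattern skips this branch and calls
        // peer->describe() directly, which crashes the process.
        return HandshakeResult::RejectedNoCommonProtocol;
    }
    *chosen = peer->describe();
    return HandshakeResult::Accepted;
}

int main() {
    std::string chosen;
    handleHandshake({0x7f, 0x02}, &chosen);  // constructed input, one match
    return handleHandshake({0x7f, 0x80}, &chosen) ==
                   HandshakeResult::RejectedNoCommonProtocol ? 0 : 1;
}
```

The nullptr keyword used here needs C++11, which is the same requirement that broke the 0.10.1 build above until C++11 support was forced in the CMakeLists file.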
uname -a
Linux localhost 4.1.15-desktop-2.mga5 #1 SMP Wed Jan 20 17:05:51 UTC 2016 x86_64 x86_64 x86_64 GNU/Linux

urpmi quassel
Package quassel-0.10.1-5.2.mga5.x86_64 is already installed

Able to connect to Freenode and #mageia channel

[21:04:40] <-> You are now known as Guest30435
[21:04:46] <-> You are now known as brian__
[21:04:49] <brian__> Hi Testing Quassel0.10.1-5.2
[21:04:54] <brian__> anyone out there?
[21:08:08] <brian__> I'll assume this is working since I can see the connection and posts.

working as designed.
CC: (none) => brtians1
Whiteboard: (none) => MGA5-64-OK
working as designed in 586

Linux localhost 4.1.15-desktop-2.mga5 #1 SMP Wed Jan 20 17:37:30 UTC 2016 i686 i686 i686 GNU/Linux

urpmi quassel
Package quassel-0.10.1-5.2.mga5.i586 is already installed

[21:24:25] <brian_> testing quassel 0.10.1.5.2
[21:27:49] <rindolf> brian_: hi.
[21:27:50] <brian_> i586 test - seems to be posting

working as designed.
Whiteboard: MGA5-64-OK => MGA5-64-OK MGA5-32-OK
Keywords: (none) => validated_update
CC: (none) => sysadmin-bugs
Advisory uploaded.
Whiteboard: MGA5-64-OK MGA5-32-OK => has_procedure advisory MGA5-64-OK MGA5-32-OK
An update for this issue has been pushed to the Mageia Updates repository. http://advisories.mageia.org/MGASA-2016-0166.html
Status: NEW => RESOLVED
Resolution: (none) => FIXED
URL: (none) => http://lwn.net/Vulnerabilities/686575/