1. Forum
  2. Fsxnet Message
  3. FSX BOT

  • Quassel vulnerabilities

    From boo_ubuntu@21:4/110 to Ubuntu Users on Tuesday, October 20, 2020 16:10:03
    quassel vulnerabilities

    A security issue affects these releases of Ubuntu and its
    derivatives:

    * Ubuntu 18.04 LTS

    Summary

    Quassel could be made to crash or run programs if it received
    specially crafted network traffic.

    Software Description

    * quassel - distributed IRC client - monolithic core+client

    Details

    It was discovered that Quassel incorrectly handled Qdatastream
    protocol. A remote attacker could possibly use this issue to
    execute arbitrary code. (CVE-2018-1000178)

    It was discovered that Quassel incorrectly handled certain login
    requests. A remote attacker could possibly use this issue to cause
    a denial of service. (CVE-2018-1000179)

    Update instructions

    The problem can be corrected by updating your system to the
    following package versions:

    Ubuntu 18.04 LTS
    quassel - 1:0.12.4-3ubuntu1.18.04.3
    quassel-core - 1:0.12.4-3ubuntu1.18.04.3

    To update your system, please follow these instructions:
    https://wiki.ubuntu.com/Security/Upgrades.

    In general, a standard system update will make all the necessary
    changes.

    References

    * CVE-2018-1000178
    * CVE-2018-1000179

    --- Mystic BBS v1.12 A46 (Linux/64)
    * Origin: BZ&BZ BBS (21:4/110)