It was discovered and fixed [1] in Quassel, a DoS remotely triggerable by any client on a Quassel core. Any client sending the command "/op *" in a query will cause the Quassel core to crash. I was able to reproduce it with Quassel 0.10.0. No release has this fix in yet. [1]: https://github.com/quassel/quassel/commit/b8edbda019eeb99da8663193e224efc9d1265dc7
Revision bump with patch in tree. https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=482f523317639f94b7ef195d2d105699e5966d48
@maintainer: please initiate a stable req
RepoMan scours the neighborhood... dependency.missingslot 8 net-irc/quassel/quassel-0.12.2.ebuild: RDEPEND: 'kde-frameworks/oxygen-icons' matches more than one slot, please specify an explicit slot and/or use the := or :* slot operator net-irc/quassel/quassel-0.12.2.ebuild: RDEPEND: 'kde-frameworks/oxygen-icons' matches more than one slot, please specify an explicit slot and/or use the := or :* slot operator net-irc/quassel/quassel-0.12.2-r3.ebuild: RDEPEND: 'kde-frameworks/oxygen-icons' matches more than one slot, please specify an explicit slot and/or use the := or :* slot operator net-irc/quassel/quassel-0.12.2-r3.ebuild: RDEPEND: 'kde-frameworks/oxygen-icons' matches more than one slot, please specify an explicit slot and/or use the := or :* slot operator net-irc/quassel/quassel-0.12.3.ebuild: RDEPEND: 'kde-frameworks/oxygen-icons' matches more than one slot, please specify an explicit slot and/or use the := or :* slot operator net-irc/quassel/quassel-0.12.3.ebuild: RDEPEND: 'kde-frameworks/oxygen-icons' matches more than one slot, please specify an explicit slot and/or use the := or :* slot operator net-irc/quassel/quassel-9999.ebuild: RDEPEND: 'kde-frameworks/oxygen-icons' matches more than one slot, please specify an explicit slot and/or use the := or :* slot operator net-irc/quassel/quassel-9999.ebuild: RDEPEND: 'kde-frameworks/oxygen-icons' matches more than one slot, please specify an explicit slot and/or use the := or :* slot operator
amd64 stable
x86 stable
ppc stable. Maintainer(s), please cleanup.
Thanks all. Cleanup done, remove maintainer from cc. https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=b081e13464ea0f48df445ccb364344b5b4bc62e3
CVE-2015-8547 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-8547): The CoreUserInputHandler::doMode function in core/coreuserinputhandler.cpp in Quassel 0.10.0 allows remote attackers to cause a denial of service (application crash) via the "/op *" command in a query.
GLSA Vote: No