CtcpParser::packedReply in src/core/ctcpparser.cpp in Quassel does not process certain CTCP requests correctly, allowing a remote attacker connected to the same IRC network as the victim to cause a Denial of Service condition by sending specially crafted CTCP requests. This was demonstrated in various exploits on freenode today. Fixed in git commit in $URL, released as quassel-0.7.3.
Maintainers: Can we stabilize 0.7.3?
Amd64 and x86 stable, works on both chroots. Anything else? :)
Already stable by Tomas. Adding glsa vote request.
Thanks, folks. GLSA Vote: no.
NO too. Closing noglsa.
CVE-2011-3354 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3354): The CtcpParser::packedReply method in core/ctcpparser.cpp in Quassel before 0.7.3 allows remote attackers to cause a denial of service (crash) via a crafted Client-To-Client Protocol (CTCP) request, as demonstrated in the wild in September 2011.