CtcpParser::packedReply in src/core/ctcpparser.cpp in Quassel does not process certain CTCP requests correctly, allowing a remote attacker connected to the same IRC network as the victim to cause a Denial of Service condition by sending specially crafted CTCP requests. This was demonstrated in various exploits on freenode today.
Fixed in git commit in $URL, released as quassel-0.7.3.
Maintainers: Can we stabilize 0.7.3?
Amd64 and x86 stable, works on both chroots.
Anything else? :)
Already stable by Tomas. Adding glsa vote request.
Thanks, folks. GLSA Vote: no.
NO too. Closing noglsa.
The CtcpParser::packedReply method in core/ctcpparser.cpp in Quassel before
0.7.3 allows remote attackers to cause a denial of service (crash) via a
crafted Client-To-Client Protocol (CTCP) request, as demonstrated in the
wild in September 2011.