Bug 736868 (CVE-2011-3354)
| Summary: | CVE-2011-3354 quassel: invalid CTCP handling causes DoS | ||
|---|---|---|---|
| Product: | [Other] Security Response | Reporter: | Vincent Danen <vdanen> |
| Component: | vulnerability | Assignee: | Red Hat Product Security <security-response-team> |
| Status: | CLOSED ERRATA | QA Contact: | |
| Severity: | medium | Docs Contact: | |
| Priority: | medium | ||
| Version: | unspecified | CC: | jreznik, nathelbiya, smparrish, tdfischer |
| Target Milestone: | --- | Keywords: | Security |
| Target Release: | --- | ||
| Hardware: | All | ||
| OS: | Linux | ||
| Whiteboard: | |||
| Fixed In Version: | Doc Type: | Bug Fix | |
| Doc Text: | Story Points: | --- | |
| Clone Of: | Environment: | ||
| Last Closed: | 2012-10-23 19:28:38 UTC | Type: | --- |
| Regression: | --- | Mount Type: | --- |
| Documentation: | --- | CRM: | |
| Verified Versions: | Category: | --- | |
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
| Cloudforms Team: | --- | Target Upstream Version: | |
| Embargoed: | |||
| Bug Depends On: | 736869 | ||
| Bug Blocks: | |||
|
Description
Vincent Danen
2011-09-08 21:52:02 UTC
Created quassel tracking bugs for this issue Affects: fedora-all [bug 736869] This was assigned the name CVE-2011-3354. I am currently attempting to request maintainership of the Quassel package since it seems the current maintainer has been MIA (according to zodbot on irc) for over 20 weeks. See bug 736874 for the request. Additionally, here is a Koji scratch build of Quassel 0.7.3: http://koji.fedoraproject.org/koji/taskinfo?taskID=3343840 No modification needed to the .spec file beyond bumping the version, if a provenpackager wants to push the update. Trever, thanks for heads-up, I used my provenpacker foo and updates for all Fedora's are submitted to Bodhi. This can be closed as the fix is out for a long time. |