It was discovered that the fix for CVE-2013-4422 was incomplete and did not fix the original SQL injection on reconnection issue. Upstream patch: https://github.com/quassel/quassel/commit/6605882f41331c80f7ac3a6992650a702ec71283 Fixed version: http://quassel-irc.org/node/120
Created quassel tracking bugs for this issue: Affects: fedora-all [bug 1216076] Affects: epel-6 [bug 1216077] Affects: epel-7 [bug 1216078]
This CVE Bugzilla entry is for community support informational purposes only as it does not affect a package in a commercially supported Red Hat product. Refer to the dependent bugs for status of those individual community products.