Author: Felix Geyer
Revision Date: 2015-05-01 18:46:52 UTC

* SECURITY UPDATE: stack consumption vulnerability in message splitting code
  - debian/patches/CVE-2015-2778.patch: original patch from Michael Marley,
    backported by Steinar H. Gunderson
  - CVE-2015-2778 and CVE-2015-2779
* SECURITY UPDATE: SQL injection vulnerability in PostgreSQL backend
  - debian/patches/CVE-2015-3427.patch: upstream patch
  - CVE-2015-3427
  - original issue was CVE-2013-4422 which had an incomplete fix
  - LP: #1448911

Author: Felix Geyer
Revision Date: 2015-05-01 18:30:44 UTC

* SECURITY UPDATE: stack consumption vulnerability in message splitting code
  - debian/patches/CVE-2015-2778.patch: original patch from Michael Marley,
    backported by Steinar H. Gunderson
  - CVE-2015-2778 and CVE-2015-2779
* SECURITY UPDATE: SQL injection vulnerability in PostgreSQL backend
  - debian/patches/CVE-2015-3427.patch: upstream patch
  - CVE-2015-3427
  - original issue was CVE-2013-4422 which had an incomplete fix
  - LP: #1448911

Author: Jonathan Riddell
Revision Date: 2015-04-27 10:11:13 UTC

* New upstream release
- LP: #1448911 Execute initDbSession() on DB reconnects

Author: Jonathan Riddell
Revision Date: 2015-04-27 10:11:13 UTC

* New upstream release
- LP: #1448911 Execute initDbSession() on DB reconnects

Author: Michael Marley
Revision Date: 2015-05-17 18:58:08 UTC

Generate a 2048-bit cert. (LP: #1455990)

Author: Michael Marley
Revision Date: 2015-05-17 18:58:08 UTC

Generate a 2048-bit cert. (LP: #1455990)

Author: Felix Geyer
Revision Date: 2015-05-01 18:46:52 UTC

* SECURITY UPDATE: stack consumption vulnerability in message splitting code
  - debian/patches/CVE-2015-2778.patch: original patch from Michael Marley,
    backported by Steinar H. Gunderson
  - CVE-2015-2778 and CVE-2015-2779
* SECURITY UPDATE: SQL injection vulnerability in PostgreSQL backend
  - debian/patches/CVE-2015-3427.patch: upstream patch
  - CVE-2015-3427
  - original issue was CVE-2013-4422 which had an incomplete fix
  - LP: #1448911

Author: Felix Geyer
Revision Date: 2015-05-01 18:30:44 UTC

* SECURITY UPDATE: stack consumption vulnerability in message splitting code
  - debian/patches/CVE-2015-2778.patch: original patch from Michael Marley,
    backported by Steinar H. Gunderson
  - CVE-2015-2778 and CVE-2015-2779
* SECURITY UPDATE: SQL injection vulnerability in PostgreSQL backend
  - debian/patches/CVE-2015-3427.patch: upstream patch
  - CVE-2015-3427
  - original issue was CVE-2013-4422 which had an incomplete fix
  - LP: #1448911

Author: Jonathan Riddell
Revision Date: 2015-04-27 10:11:13 UTC

* New upstream release
- LP: #1448911 Execute initDbSession() on DB reconnects

Author: Jonathan Riddell
Revision Date: 2015-04-23 15:34:09 UTC

New upstream release

Author: Felix Geyer
Revision Date: 2014-11-04 18:19:33 UTC

* SECURITY UPDATE: out-of-bounds read in ECB Blowfish decryption
  - debian/patches/CVE-2014-8483.patch: backport upstream patch
  - CVE-2014-8483
  - LP: #1388333

Author: Felix Geyer
Revision Date: 2014-11-04 18:19:33 UTC

* SECURITY UPDATE: out-of-bounds read in ECB Blowfish decryption
  - debian/patches/CVE-2014-8483.patch: backport upstream patch
  - CVE-2014-8483
  - LP: #1388333

Author: Scott Kitterman
Revision Date: 2014-09-25 00:19:27 UTC

New upstream bugfix release

Author: Scott Kitterman
Revision Date: 2014-09-25 00:19:27 UTC

New upstream bugfix release

Author: Scott Kitterman
Revision Date: 2014-04-09 16:10:10 UTC

Update quasselcore man page to cover all usage options

Author: Scott Kitterman
Revision Date: 2014-04-09 16:10:10 UTC

Update quasselcore man page to cover all usage options

Author: Felix Geyer
Revision Date: 2014-01-16 21:46:04 UTC

* SECURITY UPDATE: clients can access backlogs belonging to other users
  - debian/patches/CVE-2013-6404.patch: add upstream patch
  - CVE-2013-6404
  - LP: #1255362

Author: Felix Geyer
Revision Date: 2014-01-16 21:44:27 UTC

* SECURITY UPDATE: clients can access backlogs belonging to other users
  - debian/patches/CVE-2013-6404.patch: add upstream patch
  - CVE-2013-6404
  - LP: #1255362

Author: Felix Geyer
Revision Date: 2014-01-16 21:46:04 UTC

* SECURITY UPDATE: clients can access backlogs belonging to other users
  - debian/patches/CVE-2013-6404.patch: add upstream patch
  - CVE-2013-6404
  - LP: #1255362

Author: Felix Geyer
Revision Date: 2014-01-16 21:44:27 UTC

* SECURITY UPDATE: clients can access backlogs belonging to other users
  - debian/patches/CVE-2013-6404.patch: add upstream patch
  - CVE-2013-6404
  - LP: #1255362

Author: Scott Kitterman
Revision Date: 2013-10-11 00:06:18 UTC

New upstream release

Author: Scott Kitterman
Revision Date: 2013-10-11 00:06:18 UTC

New upstream release

Author: Scott Kitterman
Revision Date: 2013-04-16 21:28:37 UTC

New upstream release

Author: Scott Kitterman
Revision Date: 2013-04-16 21:28:37 UTC

New upstream release

Author: Rohan Garg
Revision Date: 2012-08-26 13:21:16 UTC

Add libqtwebkit-dev to build deps to enable link previews

Author: Scott Kitterman
Revision Date: 2012-03-20 18:21:56 UTC

* New upstream release
* Add debian/patches/0001-Support-intermediate-CA-certificates.patch and
  0002-Allow-the-core-to-use-expired-certificates.patch from Felix Geyer to
  correct issues with SSL integration

Author: Iain Lane
Revision Date: 2011-11-04 12:10:35 UTC

Automated backport upload; no source changes.

Author: Iain Lane
Revision Date: 2011-11-04 12:06:12 UTC

Automated backport upload; no source changes.

Author: Felix Geyer
Revision Date: 2011-09-26 18:41:25 UTC

* SECURITY UPDATE: data and log dir are world-readable (LP: #846922)
  - Set permissions of /var/lib/quassel and /var/log/quassel to 750.
  - Set permissions of /var/lib/quassel/quasselCert.pem to 640.

Author: Felix Geyer
Revision Date: 2011-10-12 23:50:47 UTC

* SECURITY UPDATE: data and log dir are world-readable (LP: #846922)
  - Set permissions of /var/lib/quassel and /var/log/quassel to 750.
  - Set permissions of /var/lib/quassel/quasselCert.pem to 640.

Author: Felix Geyer
Revision Date: 2011-10-12 23:48:38 UTC

* SECURITY UPDATE: data and log dir are world-readable (LP: #846922)
  - Set permissions of /var/lib/quassel and /var/log/quassel to 750.
  - Set permissions of /var/lib/quassel/quasselCert.pem to 640.

Author: Felix Geyer
Revision Date: 2011-10-12 23:50:47 UTC

* SECURITY UPDATE: data and log dir are world-readable (LP: #846922)
  - Set permissions of /var/lib/quassel and /var/log/quassel to 750.
  - Set permissions of /var/lib/quassel/quasselCert.pem to 640.

Author: Felix Geyer
Revision Date: 2011-10-12 23:48:38 UTC

* SECURITY UPDATE: data and log dir are world-readable (LP: #846922)
  - Set permissions of /var/lib/quassel and /var/log/quassel to 750.
  - Set permissions of /var/lib/quassel/quasselCert.pem to 640.

Author: Felix Geyer
Revision Date: 2011-09-26 18:41:25 UTC

* SECURITY UPDATE: data and log dir are world-readable (LP: #846922)
  - Set permissions of /var/lib/quassel and /var/log/quassel to 750.
  - Set permissions of /var/lib/quassel/quasselCert.pem to 640.

Author: Felix Geyer
Revision Date: 2011-09-19 19:18:08 UTC

Fix bug in quassel-core preinst script that caused upgrade commands to
be run on new installations. (LP: #853841)

Author: Paul Stewart
Revision Date: 2011-08-26 05:26:44 UTC

* Changed the message to "You need at least 0.6 quasselcore to use this feature"

Author: Scott Kitterman
Revision Date: 2011-05-05 12:43:51 UTC

Correct /var/lib/quassel directory ownership for upgrades (LP: #777966)

Author: Scott Kitterman
Revision Date: 2011-04-06 22:23:47 UTC

Fix up quassel-core.preinst to finish the /var/cache to /var/lib
transition (LP: #753080)

Author: Steve Beattie
Revision Date: 2010-09-21 13:46:14 UTC

* SECURITY UPDATE: fix multiple CTCP DoS issue (LP: #629774)
  - debian/patches/10-quassel_multiple_CTCP_DoS_lp629774.patch

Author: Steve Beattie
Revision Date: 2010-09-21 13:46:14 UTC

* SECURITY UPDATE: fix multiple CTCP DoS issue (LP: #629774)
  - debian/patches/10-quassel_multiple_CTCP_DoS_lp629774.patch

Author: Steve Beattie
Revision Date: 2010-09-21 11:47:15 UTC

* SECURITY UPDATE: fix multiple CTCP DoS issue (LP: #629774)
  - debian/patches/10-quassel_multiple_CTCP_DoS_lp629774.patch

Author: Steve Beattie
Revision Date: 2010-09-21 11:47:15 UTC

* SECURITY UPDATE: fix multiple CTCP DoS issue (LP: #629774)
  - debian/patches/10-quassel_multiple_CTCP_DoS_lp629774.patch

Author: Scott Kitterman
Revision Date: 2010-09-21 08:55:19 UTC

* SECURITY UPDATE:
* References
* Upstream Git 0f2c520a76a468d3778e031ebde2d304048e1663
  - If we receive multiple CTCP requests in one PRIVMSG we now answer with
    one packed NOTICE containing all CTCP replies. This fixes a possible
    DoS Attack rendering Quassels IRC connection useless. Upgrading is
    strongly recommended. Thanks to Jima for reporting and supporting

Author: Scott Kitterman
Revision Date: 2010-04-19 08:40:10 UTC

* New upstream bugfix release
  - Drop debian/patches/quassel_01_dont_crash_on_startup.patch and
    debian/patches/quassel_02_enforce_sqlite_in_mono_client.patch

Author: Scott Kitterman
Revision Date: 2010-01-23 12:18:25 UTC

* Source backport of quassel 0.5.2 from Lucid
  - Backport the new upstream release based on the Karmic packaging because
    the Lucid packaging is substantially different and would require both
    pkg-kde-tools and debhelper backports
  - Drop kubuntu_02_ctcp_ignore.patch, incorporated upstream

Author: Scott Kitterman
Revision Date: 2010-01-18 22:31:00 UTC

* Add kubuntu_02_ctcp_ignore.patch from upstream to add the ability to
  ignore ctcp requests (LP: #509287)
  - Urgent for SRU due to the recent wave of various DoS attacks on freenode

Author: Scott Kitterman
Revision Date: 2009-10-29 13:48:55 UTC

Actually ship actions/irc*.png and actions/im*.png

Author: Scott Kitterman
Revision Date: 2009-10-14 17:44:45 UTC

* New uptream release
  - Fixes core high CPU use with multiple users
  - Fixes click to focus on last message and message indicator work with
    default Kubuntu focus stealing prevention (LP: #422062)

Author: Scott Kitterman
Revision Date: 2009-04-03 16:43:18 UTC

Update debian/patches/notification-fix.patch to fix multiple notification
hang (Quassel #657)

Author: Ubuntu Archive Auto-Sync
Revision Date: 2009-03-19 15:38:45 UTC

Automated backport upload; no source changes.

Author: Harald Sitter
Revision Date: 2008-10-26 00:39:18 UTC

Fix wrong QByteArray use in quassel_16_ctcp_level_and_low_level_quoting
(LP: #289291)

Author: Harald Sitter
Revision Date: 2008-09-09 14:57:02 UTC

Automated backport upload; no source changes.