ubuntu/+source/quassel:applied/ubuntu/trusty-devel

Last commit made on 2018-05-03
Get this branch:
git clone -b applied/ubuntu/trusty-devel https://git.launchpad.net/ubuntu/+source/quassel
Members of Ubuntu Server Dev import team can upload to this branch. Log in for directions.

Branch merges

Branch information

Name:
applied/ubuntu/trusty-devel
Repository:
lp:ubuntu/+source/quassel

Recent commits

5b3f168... by Scott Kitterman on 2018-04-28

Import patches-applied version 0.10.0-0ubuntu2.3 to applied/ubuntu/trusty-security

Imported using git-ubuntu import.

Changelog parent: 3aa05dbe5f73843e6291306db95870f20fce2996
Unapplied parent: e17cda2d299727d029b1afc203c2b130e80428c8

New changelog entries:
  * SECURITY UPDATE: quasselcore, corruption of heap metadata caused by
    qdatastream (LP: #1767539)
    - debian/patches/Implement_custom_deserializer.patch: Original patch from
      upstream 0.12.5 release, adapted for non-C++ 11 systems by Felix Geyer
    - CVE-2018-1000178
  * SECURITY UPDATE: quasselcore, denial of service for unconfigured core
    (LP: #1767539)
    - debian/patches/Reject_clients_that_attempt_to_login_before_the_core_is
      _configured.patch: Original patch from upstream 0.12.5 release, adapted
      for non-C++ 11 systems by Felix Geyer
    - CVE-2018-1000179

e17cda2... by Scott Kitterman on 2018-04-28

[PATCH] Reject clients that attempt to login before the core is

Gbp-Pq: Reject_clients_that_attempt_to_login_before_the_core_is_configured.patch.

3f96af0... by Scott Kitterman on 2018-04-28

[PATCH] Implement custom deserializer to add our own sanity checks

Gbp-Pq: Implement_custom_deserializer.patch.

bf00ac7... by Scott Kitterman on 2018-04-28

[PATCH] Execute initDbSession() on DB reconnects

Gbp-Pq: CVE-2015-3427.patch.

8d41c50... by Scott Kitterman on 2018-04-28

[PATCH] Improve the message-splitting algorithm for PRIVMSG and CTCP

Gbp-Pq: CVE-2015-2778.patch.

96073fd... by Scott Kitterman on 2018-04-28

[PATCH] Check for invalid input in encrypted buffers

Gbp-Pq: CVE-2014-8483.patch.

8afc9e6... by Scott Kitterman on 2018-04-28

kubuntu_02_enable_message_indicator.diff

No DEP3 Subject or Description header found

Gbp-Pq: kubuntu_02_enable_message_indicator.diff.

e651019... by Scott Kitterman on 2018-04-28

kubuntu_01_default_network_channel.patch

No DEP3 Subject or Description header found

Gbp-Pq: kubuntu_01_default_network_channel.patch.

1a2d70d... by Scott Kitterman on 2018-04-28

Import patches-unapplied version 0.10.0-0ubuntu2.3 to ubuntu/trusty-security

Imported using git-ubuntu import.

Changelog parent: 90252ea8dae9fa69d6f753329ece369b2047c77a

New changelog entries:
  * SECURITY UPDATE: quasselcore, corruption of heap metadata caused by
    qdatastream (LP: #1767539)
    - debian/patches/Implement_custom_deserializer.patch: Original patch from
      upstream 0.12.5 release, adapted for non-C++ 11 systems by Felix Geyer
    - CVE-2018-1000178
  * SECURITY UPDATE: quasselcore, denial of service for unconfigured core
    (LP: #1767539)
    - debian/patches/Reject_clients_that_attempt_to_login_before_the_core_is
      _configured.patch: Original patch from upstream 0.12.5 release, adapted
      for non-C++ 11 systems by Felix Geyer
    - CVE-2018-1000179

3aa05db... by Felix Geyer on 2015-05-01

Import patches-applied version 0.10.0-0ubuntu2.2 to applied/ubuntu/trusty-security

Imported using git-ubuntu import.

Changelog parent: ffb5e25b454e80d1202b0934cd484654666e14cf
Unapplied parent: 4ab3cd4566808d1735dff313d15fb126c63c9858

New changelog entries:
  * SECURITY UPDATE: stack consumption vulnerability in message splitting code
    - debian/patches/CVE-2015-2778.patch: original patch from Michael Marley,
      backported by Steinar H. Gunderson
    - CVE-2015-2778 and CVE-2015-2779
  * SECURITY UPDATE: SQL injection vulnerability in PostgreSQL backend
    - debian/patches/CVE-2015-3427.patch: upstream patch
    - CVE-2015-3427
    - original issue was CVE-2013-4422 which had an incomplete fix
    - LP: #1448911