Advisories ยป MGASA-2014-0436

Updated quassel packages fix security vulnerability

Publication date: 29 Oct 2014
Modification date: 29 Oct 2014
Type: security
Affected Mageia releases : 3 , 4
CVE: CVE-2014-8483

Description

Due to and out-of-bounds read issue in Quassel core in The ECB Blowfish
decryption function, a malicious client can cause either denial of service or
disclosure of information from process memory by using an improperly formed
message (CVE-2014-8483).
                

References

SRPMS

4/core

3/core