Hi, On Wed, 25 Apr 2018 20:58:52 +0200 Salvatore Bonaccorso <car...@debian.org> wrote: > Source: quassel > Version: 1:0.12.4-1 > Severity: normal > Tags: patch security upstream > Control: fixed -1 1:0.12.5-1 > > Hi Felix, > > Filling this as bug to have an identifier, since no CVE has been > assigned. > > https://www.quassel-irc.org/node/130 > > Commit "Implement custom deserializer to add our own sanity checks": > > https://github.com/quassel/quassel/commit/18389a713a6810f57ab237b945e8ee03df857b8b
I'm working on updates for jessie and stretch. Backporting to stretch is easy. jessie requires a bit more work as the patch uses quite some C++11 features which isn't enabled in 0.10. Felix
