MGASA-2015-0175

See a problem?
Please try reporting it to the source first.

Source

https://advisories.mageia.org/MGASA-2015-0175.html

Import Source

https://advisories.mageia.org/MGASA-2015-0175.json

JSON Data

https://api.osv.dev/v1/vulns/MGASA-2015-0175

Related

CVE-2015-3427

Published

2015-04-30T21:57:25Z

Modified

2015-04-30T21:45:30Z

Summary

Updated quassel packages fix CVE-2015-3427

Details

Updated quassel packages fix security vulnerability:

Quassel is vulnerable to SQL injection through its use of Qt's postgres driver. If the PostgreSQL server is restarted or the connection is lost at any point, other IRC users may be able to trick the Quassel core into executing SQL queries upon reconnection (CVE-2015-3427).

References

Credits

- Mageia - COORDINATOR
- - https://wiki.mageia.org/en/Packages_Security_Team

Affected packages

Mageia:4 / quassel

Package

Name: quassel
Purl: pkg:rpm/mageia/quassel?distro=mageia-4

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

0.9.2-1.3.mga4

Ecosystem specific

{
    "section": "core"
}