Comment 5 for bug 1767539

This bug was fixed in the package quassel - 0.10.0-0ubuntu2.3

---------------
quassel (0.10.0-0ubuntu2.3) trusty-security; urgency=medium

  * SECURITY UPDATE: quasselcore, corruption of heap metadata caused by
    qdatastream (LP: #1767539)
    - debian/patches/Implement_custom_deserializer.patch: Original patch from
      upstream 0.12.5 release, adapted for non-C++ 11 systems by Felix Geyer
    - CVE-2018-1000178
  * SECURITY UPDATE: quasselcore, denial of service for unconfigured core
    (LP: #1767539)
    - debian/patches/Reject_clients_that_attempt_to_login_before_the_core_is
      _configured.patch: Original patch from upstream 0.12.5 release, adapted
      for non-C++ 11 systems by Felix Geyer
    - CVE-2018-1000179

 -- Scott Kitterman <email address hidden> Fri, 27 Apr 2018 20:25:50 -0400