FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

Quassel IRC -- SQL injection vulnerability

Affected packages
		quassel	<	0.11.1

Details

VuXML ID	49d9c28c-fbad-11e4-b0fb-00269ee29e57
Discovery	2015-04-23
Entry	2015-05-16

Quassel IRC developers report:

Restarting a PostgreSQL database while Quassel Core is running would not properly re-initialize the database session inside Quassel, bringing back an old security issue (CVE-2013-4422).

[source]

References

CVE Name	CVE-2015-3427
URL	https://github.com/quassel/quassel/commit/6605882f41331c80f7ac3a6992650a702ec71283