It was discovered that Quassel did not properly handle CTCP requests. A remote attacker could exploit this to cause a denial of service via application crash. Updated packages are available from security.ubuntu.com.
========================================================================== Ubuntu Security Notice USN-1200-1 September 10, 2011 quassel vulnerability ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 11.04 - Ubuntu 10.10 - Ubuntu 10.04 LTS Summary: A remote attacker could send crafted input to Quassel and cause it to crash. Software Description: - quassel: KDE/Qt-based IRC client Details: It was discovered that Quassel did not properly handle CTCP requests. A remote attacker could exploit this to cause a denial of service via application crash. Update instructions: The problem can be corrected by updating your system to the following package versions: Ubuntu 11.04: quassel-core 0.7.2-0ubuntu2.2 Ubuntu 10.10: quassel-core 0.7.1-0ubuntu1.1 Ubuntu 10.04 LTS: quassel-core 0.6.1-0ubuntu1.2 After a standard system update you need to restart Quassel to make all the necessary changes. References: http://www.ubuntu.com/usn/usn-1200-1 https://launchpad.net/bugs/845707 Package Information: https://launchpad.net/ubuntu/+source/quassel/0.7.2-0ubuntu2.2 https://launchpad.net/ubuntu/+source/quassel/0.7.1-0ubuntu1.1 https://launchpad.net/ubuntu/+source/quassel/0.6.1-0ubuntu1.2