From bf325f1bd7f148a6043add54446f983700dd2c64 Mon Sep 17 00:00:00 2001 From: Andreas Rammhold Date: Sat, 28 Apr 2018 11:08:42 +0200 Subject: [PATCH] quassel: 0.12.4 -> 0.12.5 (fixes RCE & remote crash) It was found that Quassel could be remotely crashed and had an unauthenticated RCE vulnerability. The public annoucement can be found on the oss-sec archive [1]. The bump to 0.12.5 is supposed fixe both issues. [1] http://seclists.org/oss-sec/2018/q2/77 --- pkgs/applications/networking/irc/quassel/source.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/pkgs/applications/networking/irc/quassel/source.nix b/pkgs/applications/networking/irc/quassel/source.nix index f3941ee976e4..20daba788997 100644 --- a/pkgs/applications/networking/irc/quassel/source.nix +++ b/pkgs/applications/networking/irc/quassel/source.nix @@ -1,9 +1,9 @@ { fetchurl }: rec { - version = "0.12.4"; + version = "0.12.5"; src = fetchurl { url = "https://github.com/quassel/quassel/archive/${version}.tar.gz"; - sha256 = "0q2qlhy1d6glw9pwxgcgwvspd1mkk3yi6m21dx9gnj86bxas2qs2"; + sha256 = "04f42x87a4wkj3va3wnmj2jl7ikqqa7d7nmypqpqwalzpzk7kxwv"; }; }