Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Fri, 02 Jul 2010 11:45:20 -0500
From: Raphael Geissert <>
Subject: Re: CVE Request -- Mumble server (Murmur) / Qt SQLite -- Remotely exploitable DoS (murmur termination) due QueryUsers Qt SQLite database bug

Hi Jan, everyone,

Jan Lieskovsky wrote:
>    Luigi Auriemma reported:
>    [1]
> a deficiency in the way Mumble server processed malformed SQL query data.
> A remote, authenticated user could use this flaw to cause denial of
> service (mumble server termination) via specially-crafted QueryUsers Qt
> SQLite SQL query.

He also reported another vulnerability in Qt4's SSL support:

(reported to the Debian maintainers in

Could a CVE be assigned for this other issue too?


Raphael Geissert - Debian Developer -

Powered by blists - more mailing lists

Your e-mail address:

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Powered by Openwall GNU/*/Linux - Powered by OpenVZ