==========================================================================
Ubuntu Security Notice USN-2401-1
November 10, 2014

konversation vulnerability
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

– Ubuntu 12.04 LTS

Summary:

Konversation could be made to crash if it received specially crafted
network traffic.

Software Description:
– konversation: Internet Relay Chat (IRC) client for KDE

Details:

Manuel Nickschas discovered that Konversation did not properly perform
input sanitization when using Blowfish ECB encryption. A remote attacker
could exploit this to cause a denial of service.

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 12.04 LTS:
konversation 1.4-1ubuntu2.1

After a standard system update you need to restart Konversation to make
all the necessary changes.

References:
http://www.ubuntu.com/usn/usn-2401-1
CVE-2014-8483

Package Information:
https://launchpad.net/ubuntu/+source/konversation/1.4-1ubuntu2.1

—–BEGIN PGP SIGNATURE—–
Version: GnuPG v1

iQIcBAEBCgAGBQJUYRusAAoJEFHb3FjMVZVzdc0QAIGgE+4K1hnX9GEHL5aIOnpF
U5MMNbD8SUjrcQ2EWmnJGDLO+3585XjbOoWmeHfnq0izFoo59HHIGmYNIQPDYAvk
59VkLCFaQ1twmyUXfrFrQwMamYmna+yaeNTNN4MWnd+6eXhsrrDxSJxEvPMPwUsN
bJmO339gM3hYkMP2zMg4cVa8h50sMZ8ou1KNMDN5Lio6AA/7bxT5oAK0J8/1W6aU
vR4p3wceZ7PcW9AKGEmtXW4jssAYTDcSV+wdgIemgG05GH0bPxVAs2aU/w5BbDmD
GYqA8Xxley+kLI6M32jQfob1mMxymKKO1Fq8D6xBoQv5AgK/yKOeQMRVb4ZevbLQ
4mGNkvjoSOfJ4VJm70KK7j6Ls4C1Z08osD31vraQoepkeyBPh7Vzk3iJ3+6ftPAg
aHpKI74cdTF/H9ChXWAmEo39fwwdAq+OdK/es0m8Z3B7SkFWVKrijD6aJdZp32ch
GrHPyvEe40m5rQcGfdAzFgAH2Nyd8RL1zxUSpYXWtrSRyay4HtFaZYRP54Y9ROIT
HjDHVe8SQ/p5TMaWusFT0MtTTcTFRTcXaVS4FKLF5R5YpxqQWwY8jYQHR95Fi8MN
Myebs/m7EJJjMVXqcUbIWc6/hAiXFy6tJYYHyx2vp3hZizOG9Sy2R5mLLBO06s3c
b+T2f7Co039PFV6oAvmS
=HOkq
—–END PGP SIGNATURE—–
—