An out-of-bounds read vulnerability was discovered in Quassel-core, one
of the components of the distributed IRC client Quassel. An attacker can
send a crafted message that crash to component causing a denial of
services or disclosure of information from process memory.
For the stable distribution (wheezy), this problem has been fixed in
version 0.8.0-1+deb7u3.
For the unstable distribution (sid), this problem has been fixed in
version 0.10.0-2.1 (will be available soon).
We recommend that you upgrade your quassel packages.