Publishing details
Changelog
znc (1.2-3ubuntu0.1) trusty-security; urgency=medium
* SECURITY UPDATE: Privilege escalation for non-admin users (LP: #1781925)
- debian/patches/CVE-2018-14055-1.patch: Remove newlines from incoming
network configuration change directives. Based on upstream patch.
- debian/patches/CVE-2018-14055-2.patch: Remove extra newlines when
writing out configuration file. Based on upstream patch.
- CVE-2018-14055
* SECURITY UPDATE: Path traversal flaw allows access to files outside of
skins (LP: #1781925)
- debian/patches/CVE-2018-14056.patch: Replace path traversal components
in skin names to ensure path traversal is not possible. Based on
upstream patch.
- CVE-2018-14056
* SECURITY UPDATE: Denial of service (crash) from remote authenticated users
- debian/patches/CVE-2014-9403.patch: Check whether channel exists
when dealing with user specified channel name. Based on upstream
patch.
- CVE-2014-9403
-- Alex Murray <email address hidden> Tue, 07 Aug 2018 14:38:37 +0930
Builds
Built packages
-
znc
advanced modular IRC bouncer
-
znc-dbg
advanced modular IRC bouncer (debugging symbols)
-
znc-dbgsym
debug symbols for package znc
-
znc-dev
advanced modular IRC bouncer (development headers)
-
znc-dev-dbgsym
debug symbols for package znc-dev
-
znc-perl
advanced modular IRC bouncer (Perl extension)
-
znc-perl-dbgsym
debug symbols for package znc-perl
-
znc-python
advanced modular IRC bouncer (Python extension)
-
znc-python-dbgsym
debug symbols for package znc-python
-
znc-tcl
advanced modular IRC bouncer (Tcl extension)
-
znc-tcl-dbgsym
debug symbols for package znc-tcl
Package files