-
znc (1.6.6-1ubuntu0.2) bionic-security; urgency=medium
* SECURITY UPDATE: Fix vulnerability that allows remote authenticated
non-admin users to escalate privileges and execute arbitrary code by
loading a module with a crafted name.
- debian/patches/CVE-2019-12816.patch: Fix remote code execution and
privilege escalation.
- CVE-2019-12816
-- Paulo Flabiano Smorigo <email address hidden> Tue, 25 Jun 2019 15:52:19 -0300
-
znc (1.6.6-1ubuntu0.1) bionic-security; urgency=medium
* SECURITY UPDATE: Privilege escalation for non-admin users (LP: #1781925)
- debian/patches/CVE-2018-14055-1.patch: Remove newlines from incoming
network configuration change directives. Based on upstream patch.
- debian/patches/CVE-2018-14055-2.patch: Remove extra newlines when
writing out configuration file. Based on upstream patch.
- CVE-2018-14055
* SECURITY UPDATE: Path traversal flaw allows access to files outside of
skins (LP: #1781925)
- debian/patches/CVE-2018-14056.patch: Replace path traversal components
in skin names to ensure path traversal is not possible. Based on
upstream patch.
- CVE-2018-14056
-- Alex Murray <email address hidden> Thu, 26 Jul 2018 15:28:39 +0930
-
znc (1.6.6-1) unstable; urgency=medium
* New upstream release.
* Use a safe URL in debian/watch and for the homepage filed.
* Bump Standards-Version to 4.1.3.
* Bump debian/compat to level 10.
* Move lintian-overrides file to source directory.
* Remove trailing whitespaces from debian/changelog.
* Use secure URIs in debian/copyright.
-- Patrick Matthäi <email address hidden> Thu, 15 Mar 2018 15:42:53 +0100
-
znc (1.6.5-2build5) bionic; urgency=high
* No change rebuild against openssl1.1.
-- Dimitri John Ledkov <email address hidden> Tue, 06 Feb 2018 17:55:58 +0000
-
znc (1.6.5-2build4) bionic; urgency=medium
* No-change rebuild for icu soname change.
-- Matthias Klose <email address hidden> Tue, 07 Nov 2017 08:56:13 +0000
-
znc (1.6.5-2build3) bionic; urgency=medium
* No-change rebuild for libicu soname change.
-- Matthias Klose <email address hidden> Wed, 25 Oct 2017 15:49:31 +0000
-
znc (1.6.5-2build2) artful; urgency=medium
* No-change rebuild for perl 5.26.0.
-- Matthias Klose <email address hidden> Wed, 26 Jul 2017 20:13:57 +0000