Ubuntu

“znc” 0.078-1ubuntu0.1 source package in The Lucid Lynx

Publishing history

0.078-1ubuntu0.1
PUBLISHED: Lucid pocket Updates in component universe and section net
  • Published on 2012-12-18
  • Copied from ubuntu lucid in Private PPA for Ubuntu Security Team by Ubuntu Archive Robot
0.078-1ubuntu0.1
PUBLISHED: Lucid pocket Security in component universe and section net
  • Published on 2012-12-18
  • Copied from ubuntu lucid in Private PPA for Ubuntu Security Team by Jamie Strandboge

Builds

Changelog

znc (0.078-1ubuntu0.1) lucid-security; urgency=low

  * SECURITY UPDATE: denial of service caused by NULL pointer dereference
    (LP: #1090195)
    - debian/patches/cve-2010-2448.patch: modify znc.cpp to prevent NULL
      pointer dereference.  Based on upstream patch.
    - CVE-2010-2448
    - CVE-2010-2488
  * SECURITY UPDATE: denial of service caused by PING command without
    arguments (LP: #1090195)
    - debian/patches/cve-2010-2812.patch: modify Client.cpp to correctly
      handle PING commands that have no arguments.  Based on upstream patch.
    - CVE-2010-2812
  * SECURITY UPDATE: denial of service via unknown vectors related to
    "unsafe substr() calls" (LP: #1090195)
    - debian/patches/cve-2010-2934.patch: modify IRCSock.cpp,
      modules/adminlog.cpp, modules/away.cpp, and modules/email.cpp to
      remove unsafe substr() calls.  Based on upstream patch.
    - CVE-2010-2934
 -- Thomas Ward <email address hidden>   Tue, 18 Dec 2012 06:29:44 +0000