--------------------------------------------------------------------------------Fedora Update Notification
FEDORA-2019-d5ad4a435c
2019-04-23 20:13:25.293520
--------------------------------------------------------------------------------Name        : znc
Product     : Fedora 29
Version     : 1.7.3
Release     : 1.fc29
URL         : https://wiki.znc.in/ZNC
Summary     : An advanced IRC bouncer
Description :
ZNC is an IRC bouncer with many advanced features like detaching,
multiple users, per channel playback buffer, SSL, IPv6, transparent
DCC bouncing, Perl and C++ module support to name a few.

--------------------------------------------------------------------------------Update Information:

Fixes CVE-2019-9917
--------------------------------------------------------------------------------ChangeLog:

* Tue Apr  9 2019 Nick Bebout  - 1.7.3-1
- Update to 1.7.3
* Wed Mar 27 2019 Nick Bebout  - 1.7.3-0.1
- Update to 1.7.3-rc1 to fix CVE-2019-9917
* Sun Feb  3 2019 Fedora Release Engineering  - 1.7.2-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_30_Mass_Rebuild
* Tue Jan 29 2019 Jason L Tibbitts III  - 1.7.2-1
- Update to 1.7.2.
- Fix three paths in the manpage (#1624519).
* Wed Jan 23 2019 Pete Walter  - 1.7.1-4
- Rebuild for ICU 63
* Fri Aug 24 2018 Todd Zullinger  - 1.7.1-3
- Clean up ancient Fedora and RHEL conditionals
- Remove cruft from %prep
- Use %autosetup, %make_build, and %make_install macros
- Use https for URL and SOURCE tags
- Check upstream GPG signature in %prep
- Simplify %{_libdir}/znc/ file list
- Enable verbose make
- Pass --with-tcl to ensure tclConfig.sh is found
- Remove Group tag
- Use system-wide crypto policy
- Use %license tag for LICENSE file
- Add ChangeLog.md and NOTICE files to %doc
- Move znc-buildmod.1 to znc-devel
--------------------------------------------------------------------------------References:

  [ 1 ] Bug #1692771 - CVE-2019-9917 znc: crash on invalid encoding [epel-7]
        https://bugzilla.redhat.com/show_bug.cgi?id=1692771
  [ 2 ] Bug #1692770 - CVE-2019-9917 znc: crash on invalid encoding [fedora-all]
        https://bugzilla.redhat.com/show_bug.cgi?id=1692770
  [ 3 ] Bug #1691613 - znc-1.7.3-rc1 is available
        https://bugzilla.redhat.com/show_bug.cgi?id=1691613
--------------------------------------------------------------------------------This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2019-d5ad4a435c' at the command
line. For more information, refer to the dnf documentation available at
https://dnf.readthedocs.io/en/latest/command_ref.html

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/security/
--------------------------------------------------------------------------------_______________________________________________
package-announce mailing list -- package-announce@lists.fedoraproject.org
To unsubscribe send an email to package-announce-leave@lists.fedoraproject.org
Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/

Fedora 29: znc Security Update

April 23, 2019
Fixes CVE-2019-9917

Summary

ZNC is an IRC bouncer with many advanced features like detaching,

multiple users, per channel playback buffer, SSL, IPv6, transparent

DCC bouncing, Perl and C++ module support to name a few.

Fixes CVE-2019-9917

* Tue Apr 9 2019 Nick Bebout - 1.7.3-1

- Update to 1.7.3

* Wed Mar 27 2019 Nick Bebout - 1.7.3-0.1

- Update to 1.7.3-rc1 to fix CVE-2019-9917

* Sun Feb 3 2019 Fedora Release Engineering - 1.7.2-2

- Rebuilt for https://fedoraproject.org/wiki/Fedora_30_Mass_Rebuild

* Tue Jan 29 2019 Jason L Tibbitts III - 1.7.2-1

- Update to 1.7.2.

- Fix three paths in the manpage (#1624519).

* Wed Jan 23 2019 Pete Walter - 1.7.1-4

- Rebuild for ICU 63

* Fri Aug 24 2018 Todd Zullinger - 1.7.1-3

- Clean up ancient Fedora and RHEL conditionals

- Remove cruft from %prep

- Use %autosetup, %make_build, and %make_install macros

- Use https for URL and SOURCE tags

- Check upstream GPG signature in %prep

- Simplify %{_libdir}/znc/ file list

- Enable verbose make

- Pass --with-tcl to ensure tclConfig.sh is found

- Remove Group tag

- Use system-wide crypto policy

- Use %license tag for LICENSE file

- Add ChangeLog.md and NOTICE files to %doc

- Move znc-buildmod.1 to znc-devel

[ 1 ] Bug #1692771 - CVE-2019-9917 znc: crash on invalid encoding [epel-7]

https://bugzilla.redhat.com/show_bug.cgi?id=1692771

[ 2 ] Bug #1692770 - CVE-2019-9917 znc: crash on invalid encoding [fedora-all]

https://bugzilla.redhat.com/show_bug.cgi?id=1692770

[ 3 ] Bug #1691613 - znc-1.7.3-rc1 is available

https://bugzilla.redhat.com/show_bug.cgi?id=1691613

su -c 'dnf upgrade --advisory FEDORA-2019-d5ad4a435c' at the command

line. For more information, refer to the dnf documentation available at

https://dnf.readthedocs.io/en/latest/command_ref.html

All packages are signed with the Fedora Project GPG key. More details on the

GPG keys used by the Fedora Project can be found at

https://fedoraproject.org/security/

package-announce mailing list -- package-announce@lists.fedoraproject.org

To unsubscribe send an email to package-announce-leave@lists.fedoraproject.org

Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/

List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines

List Archives: https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/

FEDORA-2019-d5ad4a435c 2019-04-23 20:13:25.293520 Product : Fedora 29 Version : 1.7.3 Release : 1.fc29 URL : https://wiki.znc.in/ZNC Summary : An advanced IRC bouncer Description : ZNC is an IRC bouncer with many advanced features like detaching, multiple users, per channel playback buffer, SSL, IPv6, transparent DCC bouncing, Perl and C++ module support to name a few. Fixes CVE-2019-9917 * Tue Apr 9 2019 Nick Bebout - 1.7.3-1 - Update to 1.7.3 * Wed Mar 27 2019 Nick Bebout - 1.7.3-0.1 - Update to 1.7.3-rc1 to fix CVE-2019-9917 * Sun Feb 3 2019 Fedora Release Engineering - 1.7.2-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_30_Mass_Rebuild * Tue Jan 29 2019 Jason L Tibbitts III - 1.7.2-1 - Update to 1.7.2. - Fix three paths in the manpage (#1624519). * Wed Jan 23 2019 Pete Walter - 1.7.1-4 - Rebuild for ICU 63 * Fri Aug 24 2018 Todd Zullinger - 1.7.1-3 - Clean up ancient Fedora and RHEL conditionals - Remove cruft from %prep - Use %autosetup, %make_build, and %make_install macros - Use https for URL and SOURCE tags - Check upstream GPG signature in %prep - Simplify %{_libdir}/znc/ file list - Enable verbose make - Pass --with-tcl to ensure tclConfig.sh is found - Remove Group tag - Use system-wide crypto policy - Use %license tag for LICENSE file - Add ChangeLog.md and NOTICE files to %doc - Move znc-buildmod.1 to znc-devel [ 1 ] Bug #1692771 - CVE-2019-9917 znc: crash on invalid encoding [epel-7] https://bugzilla.redhat.com/show_bug.cgi?id=1692771 [ 2 ] Bug #1692770 - CVE-2019-9917 znc: crash on invalid encoding [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1692770 [ 3 ] Bug #1691613 - znc-1.7.3-rc1 is available https://bugzilla.redhat.com/show_bug.cgi?id=1691613 su -c 'dnf upgrade --advisory FEDORA-2019-d5ad4a435c' at the command line. For more information, refer to the dnf documentation available at https://dnf.readthedocs.io/en/latest/command_ref.html All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/security/ package-announce mailing list -- package-announce@lists.fedoraproject.org To unsubscribe send an email to package-announce-leave@lists.fedoraproject.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/

Change Log

References

Update Instructions

Severity
Product : Fedora 29
Version : 1.7.3
Release : 1.fc29
URL : https://wiki.znc.in/ZNC
Summary : An advanced IRC bouncer

Related News

23.Tablet Connections Esm H320
2 - 3 min read
The release of Ubuntu 24.04 LTS , also known as Noble Numbat, brings various security enhancements and exciting new features . These improvements
4.Lock AbstractDigital Esm H320
2 - 3 min read
Tails 6.2 is a new Linux distribution release that expands its multilingual support and improves security features. The distribution is a
19.Laptop Bed Esm H320
2 - 3 min read
AlmaLinux 9.4 beta has been released and provides compelling reasons to consider it for desktop usage. While AlmaLinux is primarily known as a
32.Lock Code Circular Esm H320
2 - 3 min read
Linux admins and security practitioners face significant challenges in keeping their Linux systems secure amidst the constant threat of kernel bugs.
1.Penguin Landscape Esm H320
2 - 3 min read
A significant security threat, known as the Spectre v2 exploit, has been observed targeting Linux systems running on modern Intel processors. Let's
10.FingerPrint Locks Esm H320
2 - 3 min read
The recent release of I2P 2.5.0 , an anonymous P2P network that protects against online censorship, surveillance, and monitoring, has brought a slew
24.Key Code Esm H320
2 - 3 min read
The Akira ransomware group has extorted approximately $42 million from over 250 victims since January 1, 2024. The group initially focused on
5.ShakingHands Esm H320
2 - 3 min read
At The Linux Foundation's Open Source Summit North America , Linus Torvalds, the creator of Linux, discussed various topics related to Linux
Sign Up

Get the Latest News & Insights

Sign up to get the latest security news affecting Linux and open source delivered straight to your inbox.

© 2024 Guardian Digital, Inc All Rights Reserved