Alerts This Week
Warning Icon 1 916
Alerts This Week
Warning Icon 1 916

Fedora 29: Security Update for ZNC FEDORA-2019-d5ad4a435c Moderate Fix

fedora
Calendar Grey April 23, 2019
Dist Fedora Esm H88
The security update addressing the znc flaw identified as CVE-2019-9917 for Fedora 29 has been released. More information on the update can be found here.
Fixes CVE-2019-9917

Summary

ZNC is an IRC bouncer with many advanced features like detaching,

multiple users, per channel playback buffer, SSL, IPv6, transparent

DCC bouncing, Perl and C++ module support to name a few.

Fixes CVE-2019-9917

* Tue Apr 9 2019 Nick Bebout - 1.7.3-1

- Update to 1.7.3

* Wed Mar 27 2019 Nick Bebout - 1.7.3-0.1

- Update to 1.7.3-rc1 to fix CVE-2019-9917

* Sun Feb 3 2019 Fedora Release Engineering - 1.7.2-2

- Rebuilt for https://fedoraproject.org/wiki/Fedora_30_Mass_Rebuild

* Tue Jan 29 2019 Jason L Tibbitts III - 1.7.2-1

- Update to 1.7.2.

- Fix three paths in the manpage (#1624519).

* Wed Jan 23 2019 Pete Walter - 1.7.1-4

- Rebuild for ICU 63

* Fri Aug 24 2018 Todd Zullinger - 1.7.1-3

- Clean up ancient Fedora and RHEL conditionals

- Remove cruft from %prep

- Use %autosetup, %make_build, and %make_install macros

- Use https for URL and SOURCE tags

- Check upstream GPG signature in %prep

- Simplify %{_libdir}/znc/ file list

- Enable verbose make

- Pass --with-tcl to ensure tclConfig.sh is found

- Remove Group tag

- Use system-wide crypto policy

- Use %license tag for LICENSE file

- Add ChangeLog.md and NOTICE files to %doc

- Move znc-buildmod.1 to znc-devel

[ 1 ] Bug #1692771 - CVE-2019-9917 znc: crash on invalid encoding [epel-7]

https://bugzilla.redhat.com/show_bug.cgi?id=1692771

[ 2 ] Bug #1692770 - CVE-2019-9917 znc: crash on invalid encoding [fedora-all]

https://bugzilla.redhat.com/show_bug.cgi?id=1692770

[ 3 ] Bug #1691613 - znc-1.7.3-rc1 is available

https://bugzilla.redhat.com/show_bug.cgi?id=1691613

su -c 'dnf upgrade --advisory FEDORA-2019-d5ad4a435c' at the command

line. For more information, refer to the dnf documentation available at

https://dnf.readthedocs.io/en/latest/command_ref.html

All packages are signed with the Fedora Project GPG key. More details on the

GPG keys used by the Fedora Project can be found at

https://fedoraproject.org/security/

package-announce mailing list -- package-announce@lists.fedoraproject.org

To unsubscribe send an email to package-announce-leave@lists.fedoraproject.org

Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/

List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines

List Archives: https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/

Topics%20covered

Topics Covered

security advisory update Fedora crash IRC bouncer znc encoding

Change Log

References

Update Instructions

Product: Fedora 29
Version: 1.7.3
Release: 1.fc29
URL: https://wiki.znc.in/ZNC
Summary: An advanced IRC bouncer

Topics%20covered

Topics Covered

security advisory update Fedora crash IRC bouncer znc encoding

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here