Fedora 36: unrealircd 2022-0bff4ccd3b | LinuxSecurity.com
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2022-0bff4ccd3b
2022-03-26 14:56:28.661837
--------------------------------------------------------------------------------

Name        : unrealircd
Product     : Fedora 36
Version     : 6.0.2
Release     : 1.fc36
URL         : https://www.unrealircd.org/
Summary     : Open Source IRC server
Description :
UnrealIRCd is an Open Source IRC server based on the branch of IRCu called
Dreamforge, formerly used by the DALnet IRC network. Since the beginning of
development on UnrealIRCd in May of 1999, it has become a highly advanced
IRCd with a strong focus on modularity, an advanced and highly configurable
configuration file. Key features include SSL/TLS, cloaking, advanced anti-
flood and anti-spam systems, swear filtering and module support.

--------------------------------------------------------------------------------
Update Information:

# UnrealIRCd 6.0.2  UnrealIRCd 6.0.2 comes with several nice feature
enhancements along with some fixes. It also includes a fix for a crash bug that
can be triggered by ordinary users.  ## Fixes    * Fix crash that can be
triggered by regular users if you have any `deny dcc` blocks in the config or
any spamfilters with the `d` (DCC) target.   * Fix infinite hang on "Loading
IRCd configuration" if DNS is not working. For example if the 1st DNS server in
`/etc/resolv.conf` is down or refusing requests.   * Some `MODE` server-to-
server commands were missing a timestamp at the end, even though this is
mandatory for modes coming from a server.   * The
[channeldb](https://www.unrealircd.org/docs/Set_block#set::channeldb) module now
converts letter extbans to named extbans (e.g. `~a` to `~account`). Previously
it did not, which caused letter extbans to appear in the banlist. Later on, when
linking servers, this would cause duplicate entries to appear as well, with both
the old and new format. The extbans were still effective though, so this is
mostly a visual `+b`/`+e`/`+I` list issue.   * Some [Extended Server
Bans](https://www.unrealircd.org/docs/Extended_server_bans) were not working
correctly for WEBIRC proxies. In particular, a server ban or exempt (ELINE) on
`~country:XX` was only checked against the WEBIRC proxy.  ## Enhancements    *
Support for [logging to a
channel](https://www.unrealircd.org/docs/Log_block#Logging_to_a_channel).
Similar to snomasks but then for channels.   * Command line interface changes:
* The CLI tool now communicates to the running UnrealIRCd process via a UNIX
socket to send commands and retrieve output.     * The command `unrealircdctl
rehash` will now show the rehash output, including warnings and errors, and
return a proper exit code.     * The same for `unrealircdctl reloadtls`     *
The command `unrealircdctl status` to show if UnrealIRCd is running, the
version, channel and user count, ..     * The command `unrealircdctl
genlinkblock` is now
[documented](https://www.unrealircd.org/docs/Linking_servers_(genlinkblock)) and
is referred to from the [Linking servers
tutorial](https://www.unrealircd.org/docs/Tutorial:_Linking_servers).   * New
option [set::server-notice-show-
event](https://www.unrealircd.org/docs/Set_block#set::server-notice-show-event)
which can be set to `no` to hide the event information (e.g.
`connect.LOCAL_CLIENT_CONNECT`) in server notices. This can be overridden per-
oper in the [Oper block](https://www.unrealircd.org/docs/Oper_block) via
`oper::server-notice-show-event`.   * Support for IRC over UNIX sockets (on the
same machine), if you specify a file in the [listen
block](https://www.unrealircd.org/docs/Listen_block) instead of an ip/port. This
probably won't be used much, but the option is there. Users will show up with a
host of `localhost` and IP `127.0.0.1` to keep things simple.   * The `MAP`
command now shows percentages of users   * Add `WHO` option to search clients by
time connected (e.g. `WHO <300 t` to search for less than 300 seconds)   * Rate
limiting of `MODE nick -x` and `-t` via new `vhost-flood` option in [set::anti-
flood block](https://www.unrealircd.org/docs/Anti-flood_settings).  ## Changes
* Update Russian `help.ru.conf`.  ## Protocol    * `SVSMODE #chan -b nick` will
now correctly remove extbans that prevent `nick` from joining. This fixes a bug
where it would remove too much (for `~time`) or not remove extbans (most other
extbans, e.g. `~account`). `SVSMODE #chan -b` has also been fixed accordingly
(remove all bans preventing joins). Note that all these commands do not remove
bans that do not affect joins, such as `~quiet` or `~text`.
--------------------------------------------------------------------------------
ChangeLog:

* Mon Mar 21 2022 Robert Scheck  6.0.2-1
- Upgrade to 6.0.2 (#2038245)
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #2048669 - unrealircd: Denial of service when a certain command is sent
        https://bugzilla.redhat.com/show_bug.cgi?id=2048669
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2022-0bff4ccd3b' at the command
line. For more information, refer to the dnf documentation available at
https://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
_______________________________________________
package-announce mailing list -- [email protected]
To unsubscribe send an email to [email protected]
Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: https://lists.fedoraproject.org/archives/list/[email protected]
Do not reply to spam on the list, report it: https://pagure.io/fedora-infrastructure

Fedora 36: unrealircd 2022-0bff4ccd3b

March 26, 2022
# UnrealIRCd 6.0.2 UnrealIRCd 6.0.2 comes with several nice feature enhancements along with some fixes

Summary

UnrealIRCd is an Open Source IRC server based on the branch of IRCu called

Dreamforge, formerly used by the DALnet IRC network. Since the beginning of

development on UnrealIRCd in May of 1999, it has become a highly advanced

IRCd with a strong focus on modularity, an advanced and highly configurable

configuration file. Key features include SSL/TLS, cloaking, advanced anti-

flood and anti-spam systems, swear filtering and module support.

Update Information:

# UnrealIRCd 6.0.2 UnrealIRCd 6.0.2 comes with several nice feature enhancements along with some fixes. It also includes a fix for a crash bug that can be triggered by ordinary users. ## Fixes * Fix crash that can be triggered by regular users if you have any `deny dcc` blocks in the config or any spamfilters with the `d` (DCC) target. * Fix infinite hang on "Loading IRCd configuration" if DNS is not working. For example if the 1st DNS server in `/etc/resolv.conf` is down or refusing requests. * Some `MODE` server-to- server commands were missing a timestamp at the end, even though this is mandatory for modes coming from a server. * The [channeldb](https://www.unrealircd.org/docs/Set_block#set::channeldb) module now converts letter extbans to named extbans (e.g. `~a` to `~account`). Previously it did not, which caused letter extbans to appear in the banlist. Later on, when linking servers, this would cause duplicate entries to appear as well, with both the old and new format. The extbans were still effective though, so this is mostly a visual `+b`/`+e`/`+I` list issue. * Some [Extended Server Bans](https://www.unrealircd.org/docs/Extended_server_bans) were not working correctly for WEBIRC proxies. In particular, a server ban or exempt (ELINE) on `~country:XX` was only checked against the WEBIRC proxy. ## Enhancements * Support for [logging to a channel](https://www.unrealircd.org/docs/Log_block#Logging_to_a_channel). Similar to snomasks but then for channels. * Command line interface changes: * The CLI tool now communicates to the running UnrealIRCd process via a UNIX socket to send commands and retrieve output. * The command `unrealircdctl rehash` will now show the rehash output, including warnings and errors, and return a proper exit code. * The same for `unrealircdctl reloadtls` * The command `unrealircdctl status` to show if UnrealIRCd is running, the version, channel and user count, .. * The command `unrealircdctl genlinkblock` is now [documented](https://www.unrealircd.org/docs/Linking_servers_(genlinkblock)) and is referred to from the [Linking servers tutorial](https://www.unrealircd.org/docs/Tutorial:_Linking_servers). * New option [set::server-notice-show- event](https://www.unrealircd.org/docs/Set_block#set::server-notice-show-event) which can be set to `no` to hide the event information (e.g. `connect.LOCAL_CLIENT_CONNECT`) in server notices. This can be overridden per- oper in the [Oper block](https://www.unrealircd.org/docs/Oper_block) via `oper::server-notice-show-event`. * Support for IRC over UNIX sockets (on the same machine), if you specify a file in the [listen block](https://www.unrealircd.org/docs/Listen_block) instead of an ip/port. This probably won't be used much, but the option is there. Users will show up with a host of `localhost` and IP `127.0.0.1` to keep things simple. * The `MAP` command now shows percentages of users * Add `WHO` option to search clients by time connected (e.g. `WHO <300 t` to search for less than 300 seconds) * Rate limiting of `MODE nick -x` and `-t` via new `vhost-flood` option in [set::anti- flood block](https://www.unrealircd.org/docs/Anti-flood_settings). ## Changes * Update Russian `help.ru.conf`. ## Protocol * `SVSMODE #chan -b nick` will now correctly remove extbans that prevent `nick` from joining. This fixes a bug where it would remove too much (for `~time`) or not remove extbans (most other extbans, e.g. `~account`). `SVSMODE #chan -b` has also been fixed accordingly (remove all bans preventing joins). Note that all these commands do not remove bans that do not affect joins, such as `~quiet` or `~text`.

Change Log

* Mon Mar 21 2022 Robert Scheck 6.0.2-1 - Upgrade to 6.0.2 (#2038245)

References

[ 1 ] Bug #2048669 - unrealircd: Denial of service when a certain command is sent https://bugzilla.redhat.com/show_bug.cgi?id=2048669

Update Instructions

This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2022-0bff4ccd3b' at the command line. For more information, refer to the dnf documentation available at https://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

Severity
Name : unrealircd
Product : Fedora 36
Version : 6.0.2
Release : 1.fc36
URL : https://www.unrealircd.org/
Summary : Open Source IRC server

We use cookies to provide and improve our services. By using our site, you consent to our Cookie Policy.