Fedora 36: 2022-0bff4ccd3b Moderate: unrealircd DoS Fix and Enhancements

UnrealIRCd is an Open Source IRC server based on the branch of IRCu called

Dreamforge, formerly used by the DALnet IRC network. Since the beginning of

development on UnrealIRCd in May of 1999, it has become a highly advanced

IRCd with a strong focus on modularity, an advanced and highly configurable

configuration file. Key features include SSL/TLS, cloaking, advanced anti-flood and anti-spam systems, swear filtering and module support.

# UnrealIRCd 6.0.2 UnrealIRCd 6.0.2 comes with several nice feature

enhancements along with some fixes. It also includes a fix for a crash bug that

can be triggered by ordinary users. ## Fixes * Fix crash that can be

triggered by regular users if you have any `deny dcc` blocks in the config or

any spamfilters with the `d` (DCC) target. * Fix infinite hang on "Loading

IRCd configuration" if DNS is not working. For example if the 1st DNS server in

`/etc/resolv.conf` is down or refusing requests. * Some `MODE` server-to-server commands were missing a timestamp at the end, even though this is

mandatory for modes coming from a server. * The

[channeldb]() module now

converts letter extbans to named extbans (e.g. `~a` to `~account`). Previously

it did not, which caused letter extbans to appear in the banlist. Later on, when

linking servers, this would cause duplicate entries to appear as well, with both

the old and new format. The extbans were still effective though, so this is

mostly a visual `+b`/`+e`/`+I` list issue. * Some [Extended Server

Bans]() were not working

correctly for WEBIRC proxies. In particular, a server ban or exempt (ELINE) on

`~country:XX` was only checked against the WEBIRC proxy. ## Enhancements *

Support for [logging to a

channel]().

Similar to snomasks but then for channels. * Command line interface changes:

* The CLI tool now communicates to the running UnrealIRCd process via a UNIX

socket to send commands and retrieve output. * The command `unrealircdctl

rehash` will now show the rehash output, including warnings and errors, and

return a proper exit code. * The same for `unrealircdctl reloadtls` *

The command `unrealircdctl status` to show if UnrealIRCd is running, the

version, channel and user count, .. * The command `unrealircdctl

genlinkblock` is now

[documented]()) and

is referred to from the [Linking servers

tutorial](). * New

option [set::server-notice-show-event]()

which can be set to `no` to hide the event information (e.g.

`connect.LOCAL_CLIENT_CONNECT`) in server notices. This can be overridden per-oper in the [Oper block]() via

`oper::server-notice-show-event`. * Support for IRC over UNIX sockets (on the

same machine), if you specify a file in the [listen

block]() instead of an ip/port. This

probably won't be used much, but the option is there. Users will show up with a

host of `localhost` and IP `127.0.0.1` to keep things simple. * The `MAP`

command now shows percentages of users * Add `WHO` option to search clients by

time connected (e.g. `WHO <300 t` to search for less than 300 seconds) * Rate

limiting of `MODE nick -x` and `-t` via new `vhost-flood` option in [set::anti-flood block](https://www.unrealircd.org/docs/Anti-flood_settings). ## Changes

* Update Russian `help.ru.conf`. ## Protocol * `SVSMODE #chan -b nick` will

now correctly remove extbans that prevent `nick` from joining. This fixes a bug

where it would remove too much (for `~time`) or not remove extbans (most other

extbans, e.g. `~account`). `SVSMODE #chan -b` has also been fixed accordingly

(remove all bans preventing joins). Note that all these commands do not remove

bans that do not affect joins, such as `~quiet` or `~text`.

* Mon Mar 21 2022 Robert Scheck 6.0.2-1

- Upgrade to 6.0.2 (#2038245)

[ 1 ] Bug #2048669 - unrealircd: Denial of service when a certain command is sent

https://bugzilla.redhat.com/show_bug.cgi?id=2048669

su -c 'dnf upgrade --advisory FEDORA-2022-0bff4ccd3b' at the command

line. For more information, refer to the dnf documentation available at

https://dnf.readthedocs.io/en/latest/command_ref.html

All packages are signed with the Fedora Project GPG key. More details on the

GPG keys used by the Fedora Project can be found at

https://fedoraproject.org/security/

package-announce mailing list -- package-announce@lists.fedoraproject.org

To unsubscribe send an email to package-announce-leave@lists.fedoraproject.org

Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/

List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines

List Archives: https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/

Do not reply to spam on the list, report it: https://pagure.io/fedora-infrastructure