--------------------------------------------------------------------------------Fedora Update Notification
FEDORA-2022-c51b3a7f19
2022-05-07 04:08:14.310175
--------------------------------------------------------------------------------Name : unrealircd
Product : Fedora 36
Version : 6.0.3
Release : 1.fc36
URL : https://www.unrealircd.org/
Summary : Open Source IRC server
Description :
UnrealIRCd is an Open Source IRC server based on the branch of IRCu called
Dreamforge, formerly used by the DALnet IRC network. Since the beginning of
development on UnrealIRCd in May of 1999, it has become a highly advanced
IRCd with a strong focus on modularity, an advanced and highly configurable
configuration file. Key features include SSL/TLS, cloaking, advanced anti-flood and anti-spam systems, swear filtering and module support.

--------------------------------------------------------------------------------Update Information:

# UnrealIRCd 6.0.3 A number of serious issues were discovered in UnrealIRCd 6.
Among these is an issue which will likely crash the IRCd sooner or later if you
`/REHASH` with any active clients connected. ## Fixes * Crash in `WATCH` if
the IRCd has been rehashed at least once. After doing a `REHASH` with active
clients it will likely corrupt memory. It may take several days until after the
rehash for the crash to occur, or even weeks/months on smaller networks
(accidental triggering, that is). * A `REHASH` with certain remote includes
setups could cause a crash or other weird and confusing problems such as
complaining about unable to open an ipv6-database or missing snomask
configuration. This only affected some people with remote includes, not all. *
Potential out-of-bounds write in sending code. In practice it seems harmless on
most servers but this cannot be 100% guaranteed. * Unlikely triggered log
message would log uninitialized stack data to the log file or send it to ircops.
* Channel ops could not remove halfops from a user (`-h`). * After using the
`RESTART` command (not recommended) the new IRCd was often no longer writing to
log files. * Fix compile problem if you choose to use cURL remote includes but
don't have cURL on the system and ask UnrealIRCd to compile cURL. ##
Enhancements * The default text log format on disk changed. It now includes
the server name where the event was generated. Without this, it was sometimes
difficult to trace problems, since previously it sometimes looked like there was
a problem on your server when it was actually another server on the network.
* Old log format: `[DATE TIME] subsystem.EVENT_ID loglevel: ........` * New
log format: `[DATE TIME] servername subsystem.EVENT_ID loglevel: ........` ##
Changes * Any MOTD lines added by services via
[`SVSMOTD`](https://www.unrealircd.org/docs/MOTD_and_Rules#SVSMOTD) are now
shown at the end of the MOTD-on-connect (unless using a shortmotd). Previously
the lines were only shown if you manually ran the MOTD command. ## Protocol
* `LIST C 6.0.3-1
- Upgrade to 6.0.3 (#2071197)
--------------------------------------------------------------------------------References:

[ 1 ] Bug #2071197 - unrealircd-6.0.3 is available
https://bugzilla.redhat.com/show_bug.cgi?id=2071197
--------------------------------------------------------------------------------This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2022-c51b3a7f19' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------_______________________________________________
package-announce mailing list -- package-announce@lists.fedoraproject.org
To unsubscribe send an email to package-announce-leave@lists.fedoraproject.org
Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org
Do not reply to spam on the list, report it: https://pagure.io/fedora-infrastructure

Fedora 36: unrealircd 2022-c51b3a7f19

May 7, 2022

# UnrealIRCd 6.0.3 A number of serious issues were discovered in UnrealIRCd 6

Summary

UnrealIRCd is an Open Source IRC server based on the branch of IRCu called

Dreamforge, formerly used by the DALnet IRC network. Since the beginning of

development on UnrealIRCd in May of 1999, it has become a highly advanced

IRCd with a strong focus on modularity, an advanced and highly configurable

configuration file. Key features include SSL/TLS, cloaking, advanced anti-flood and anti-spam systems, swear filtering and module support.

# UnrealIRCd 6.0.3 A number of serious issues were discovered in UnrealIRCd 6.

Among these is an issue which will likely crash the IRCd sooner or later if you

`/REHASH` with any active clients connected. ## Fixes * Crash in `WATCH` if

the IRCd has been rehashed at least once. After doing a `REHASH` with active

clients it will likely corrupt memory. It may take several days until after the

rehash for the crash to occur, or even weeks/months on smaller networks

(accidental triggering, that is). * A `REHASH` with certain remote includes

setups could cause a crash or other weird and confusing problems such as

complaining about unable to open an ipv6-database or missing snomask

configuration. This only affected some people with remote includes, not all. *

Potential out-of-bounds write in sending code. In practice it seems harmless on

most servers but this cannot be 100% guaranteed. * Unlikely triggered log

message would log uninitialized stack data to the log file or send it to ircops.

* Channel ops could not remove halfops from a user (`-h`). * After using the

`RESTART` command (not recommended) the new IRCd was often no longer writing to

log files. * Fix compile problem if you choose to use cURL remote includes but

don't have cURL on the system and ask UnrealIRCd to compile cURL. ##

Enhancements * The default text log format on disk changed. It now includes

the server name where the event was generated. Without this, it was sometimes

difficult to trace problems, since previously it sometimes looked like there was

a problem on your server when it was actually another server on the network.

* Old log format: `[DATE TIME] subsystem.EVENT_ID loglevel: ........` * New

log format: `[DATE TIME] servername subsystem.EVENT_ID loglevel: ........` ##

Changes * Any MOTD lines added by services via

[`SVSMOTD`](https://www.unrealircd.org/docs/MOTD_and_Rules#SVSMOTD) are now

shown at the end of the MOTD-on-connect (unless using a shortmotd). Previously

the lines were only shown if you manually ran the MOTD command. ## Protocol

* `LIST C

minutes ago. This is the opposite of what we had earlier. `LIST T

supported as well (topic changed in last xx minutes), it was already advertised

in `ELIST` but support was not enabled previously.

* Sat Apr 2 2022 Robert Scheck 6.0.3-1

- Upgrade to 6.0.3 (#2071197)

[ 1 ] Bug #2071197 - unrealircd-6.0.3 is available

https://bugzilla.redhat.com/show_bug.cgi?id=2071197

su -c 'dnf upgrade --advisory FEDORA-2022-c51b3a7f19' at the command

line. For more information, refer to the dnf documentation available at

http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the

GPG keys used by the Fedora Project can be found at

https://fedoraproject.org/keys

package-announce mailing list -- package-announce@lists.fedoraproject.org

To unsubscribe send an email to package-announce-leave@lists.fedoraproject.org

Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/

List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines

List Archives: https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org

Do not reply to spam on the list, report it: https://pagure.io/fedora-infrastructure

FEDORA-2022-c51b3a7f19 2022-05-07 04:08:14.310175 Product : Fedora 36 Version : 6.0.3 Release : 1.fc36 URL : https://www.unrealircd.org/ Summary : Open Source IRC server Description : UnrealIRCd is an Open Source IRC server based on the branch of IRCu called Dreamforge, formerly used by the DALnet IRC network. Since the beginning of development on UnrealIRCd in May of 1999, it has become a highly advanced IRCd with a strong focus on modularity, an advanced and highly configurable configuration file. Key features include SSL/TLS, cloaking, advanced anti-flood and anti-spam systems, swear filtering and module support. # UnrealIRCd 6.0.3 A number of serious issues were discovered in UnrealIRCd 6. Among these is an issue which will likely crash the IRCd sooner or later if you `/REHASH` with any active clients connected. ## Fixes * Crash in `WATCH` if the IRCd has been rehashed at least once. After doing a `REHASH` with active clients it will likely corrupt memory. It may take several days until after the rehash for the crash to occur, or even weeks/months on smaller networks (accidental triggering, that is). * A `REHASH` with certain remote includes setups could cause a crash or other weird and confusing problems such as complaining about unable to open an ipv6-database or missing snomask configuration. This only affected some people with remote includes, not all. * Potential out-of-bounds write in sending code. In practice it seems harmless on most servers but this cannot be 100% guaranteed. * Unlikely triggered log message would log uninitialized stack data to the log file or send it to ircops. * Channel ops could not remove halfops from a user (`-h`). * After using the `RESTART` command (not recommended) the new IRCd was often no longer writing to log files. * Fix compile problem if you choose to use cURL remote includes but don't have cURL on the system and ask UnrealIRCd to compile cURL. ## Enhancements * The default text log format on disk changed. It now includes the server name where the event was generated. Without this, it was sometimes difficult to trace problems, since previously it sometimes looked like there was a problem on your server when it was actually another server on the network. * Old log format: `[DATE TIME] subsystem.EVENT_ID loglevel: ........` * New log format: `[DATE TIME] servername subsystem.EVENT_ID loglevel: ........` ## Changes * Any MOTD lines added by services via [`SVSMOTD`](https://www.unrealircd.org/docs/MOTD_and_Rules#SVSMOTD) are now shown at the end of the MOTD-on-connect (unless using a shortmotd). Previously the lines were only shown if you manually ran the MOTD command. ## Protocol * `LIST C