lp:ubuntu/lucid-updates/znc
- Get this branch:
- bzr branch lp:ubuntu/lucid-updates/znc
Branch merges
Branch information
Recent revisions
- 14. By Thomas Ward
-
* SECURITY UPDATE: denial of service caused by NULL pointer dereference
(LP: #1090195)
- debian/patches/ cve-2010- 2448.patch: modify znc.cpp to prevent NULL
pointer dereference. Based on upstream patch.
- CVE-2010-2448
- CVE-2010-2488
* SECURITY UPDATE: denial of service caused by PING command without
arguments (LP: #1090195)
- debian/patches/ cve-2010- 2812.patch: modify Client.cpp to correctly
handle PING commands that have no arguments. Based on upstream patch.
- CVE-2010-2812
* SECURITY UPDATE: denial of service via unknown vectors related to
"unsafe substr() calls" (LP: #1090195)
- debian/patches/ cve-2010- 2934.patch: modify IRCSock.cpp,
modules/adminlog. cpp, modules/away.cpp, and modules/email.cpp to
remove unsafe substr() calls. Based on upstream patch.
- CVE-2010-2934 - 13. By Patrick Matthäi <email address hidden>
-
* New upstream release.
- connect_throttle module has been dropped.
- Remove dropped znc.conf from examples.
* Merge 0.076-1~bpo50+1 changelog.
* Convert package to the 3.0 (quilt) format. - 11. By Patrick Matthäi <email address hidden>
-
* Merge 0.045-3+etch2, 0.045-3+etch3, 0.074-1~bpo40+1 and 0.074-1~bpo50+1
changelog.
* Add versioned recommends on znc-extra.
Closes: #541305 - 10. By Patrick Matthäi <email address hidden>
-
* New upstream release.
- Bump urgency to high. This release fixes an high-impact directory
traversal buf, where unpriviliged users can save about DCC SEND files on
the server with the rights of the znc process. The attacker could also
use the exploit to get a shell on the server.
Closes: #537977
- Use c-ares for DNS resolving, add libc-ares-dev and pkg-config as
build-dependency.
* Merge 0.058-2+lenny2, 0.058-2+lenny3, 0.070-1~bpo40+1 and 0.070-1~bpo50+1
changelog.
* Bump Standards-Version to 3.8.2 (no changes needed). - 9. By Patrick Matthäi <email address hidden>
-
* New upstream release.
- Add new pkgconfig files to znc-dev.
* Fix typo in get-orig-source target.
* Merge 0.058-2~bpo40+1 and 0.058-2~bpo40+2 changelog.
* Add recommends on the new source package znc-extra.
* Add my own copyright for the Debian packaging. - 8. By Patrick Matthäi <email address hidden>
-
* Change my email address.
* Remove DM-Upload-Allowed control field.
* Add new fail2ban module. - 6. By Patrick Matthäi
-
* New upstream release.
- Severity high because it fixes a critical security flaw.
Closes: #516950
* znc-dev has to be arch:any, because it also gives back the used host
compiler. - 5. By Patrick Matthäi
-
* Add missing ${misc:Depends}. Thanks lintian.
* Fix debian/watch, so that it does not take the new znc-extra tarball.
Branch metadata
- Branch format:
- Branch format 7
- Repository format:
- Bazaar repository format 2a (needs bzr 1.16 or later)
- Stacked on:
- lp:ubuntu/raring/znc