Sync znc 0.074-1 (universe) from Debian unstable (main).
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
znc (Ubuntu) |
Fix Released
|
Wishlist
|
Unassigned |
Bug Description
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
affects ubuntu/znc
status new
importance wishlist
subscribe ubuntu-
done
Please sync znc 0.074-1 (universe) from Debian unstable (main).
Changelog since current karmic version 0.070-1:
znc (0.074-1) unstable; urgency=high
* New upstream release.
- Bump urgency to high. This release fixes an high-impact directory
traversal buf, where unpriviliged users can save about DCC SEND files on
the server with the rights of the znc process. The attacker could also
use the exploit to get a shell on the server.
Closes: #537977
- Use c-ares for DNS resolving, add libc-ares-dev and pkg-config as
build-
* Merge 0.058-2+lenny2, 0.058-2+lenny3, 0.070-1~bpo40+1 and 0.070-1~bpo50+1
changelog.
* Bump Standards-Version to 3.8.2 (no changes needed).
-- Patrick Matthäi <email address hidden> Fri, 24 Jul 2009 13:46:00 +0200
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)
iQIcBAEBCAAGBQJ
DL3AtiFE6BSGLzB
dVXAG736YgZzrE6
SYv0Lb5MXky29TX
TbJC7B0C/
LMFt2CUhafXKpSJ
A6nT2+5UN6p+
M3jUHw0DoIMRiLi
RU0dhQMUNpejLdx
7Pfz7TYlEph5OnL
d2oTa3bpzxKpKm5
Sv2meJt9L6UDjbF
=y4jP
-----END PGP SIGNATURE-----
ack