it is unclear to me from the changelog the relation with this specific issue. it doesn't mention any ssl-specific crash and i can't correlate the description with the changelog.
it seems to me that if this was public in the charybdis community, it should be made public here too. furthermore, a CVE should be assigned so that other entities (e.g. Debian) can also track this issue effectively.
it seems that the NEWS file is a little better, but still unclear. has this been clarified upstream?
it is unclear to me from the changelog the relation with this specific issue. it doesn't mention any ssl-specific crash and i can't correlate the description with the changelog.
it seems to me that if this was public in the charybdis community, it should be made public here too. furthermore, a CVE should be assigned so that other entities (e.g. Debian) can also track this issue effectively.
it seems that the NEWS file is a little better, but still unclear. has this been clarified upstream?
https:/ /github. com/charybdis- ircd/charybdis/ blob/release/ 3.5/NEWS. md