Null pointer dereference in webadmin module [CVE-2013-2130]
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
znc (Debian) |
Fix Released
|
Unknown
|
|||
znc (Ubuntu) |
Fix Released
|
Undecided
|
Unassigned | ||
Raring |
Fix Released
|
Undecided
|
Unassigned | ||
Saucy |
Fix Released
|
Undecided
|
Unassigned | ||
Trusty |
Fix Released
|
Undecided
|
Unassigned |
Bug Description
This is CVE-2013-2130.
This is/was Debian bug 720632 (http://
The security risk is that there is a null pointer dereference in the webadmin module.
This is fixed in Debian and ZNC 1.2 upstream.
Precise and Quantal are not affected as the CVE only affects ZNC 1.0 and newer, which means that it only applies to Raring, Saucy, and Trusty. See the notes below regarding Saucy and Trusty.
Raring is currently affected.
Saucy is "Fix Released" as the fix is already included as a patch in 1.0-5 from Debian, which is in Saucy. (02-CVE-
Trusty is "Fix Released" as the fix is incorporated into Debian 1.2-3 which is in Trusty right now.
Related branches
CVE References
description: | updated |
description: | updated |
Changed in znc (Ubuntu Trusty): | |
status: | Confirmed → Fix Released |
Changed in znc (Ubuntu Saucy): | |
status: | New → Fix Released |
description: | updated |
Changed in znc (Debian): | |
status: | Unknown → Fix Released |
no longer affects: | znc (Ubuntu Precise) |
no longer affects: | znc (Ubuntu Quantal) |
12.10 and earlier are not affected.