lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Date: Wed, 15 Apr 2015 17:42:18 +0200 From: Sebastien Delafond <seb@...ian.org> To: bugtraq@...urityfocus.com Subject: [SECURITY] [DSA 3226-1] inspircd security update -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 - ------------------------------------------------------------------------- Debian Security Advisory DSA-3226-1 security@...ian.org http://www.debian.org/security/ Sebastien Delafond April 15, 2015 http://www.debian.org/security/faq - ------------------------------------------------------------------------- Package : inspircd Debian Bug : 780880 adam@...pe.org discovered several problems in inspircd, an IRC daemon: - an incomplete patch for CVE-2012-1836 failed to adequately resolve the problem where maliciously crafted DNS requests could lead to remote code execution through a heap-based buffer overflow. - the incorrect processing of specific DNS packets could trigger an infinite loop, thus resulting in a denial of service. For the stable distribution (wheezy), this problem has been fixed in version 2.0.5-1+deb7u1. For the upcoming stable distribution (jessie) and unstable distribution (sid), this problem has been fixed in version 2.0.16-1. We recommend that you upgrade your inspircd packages. Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: https://www.debian.org/security/ Mailing list: debian-security-announce@...ts.debian.org -----BEGIN PGP SIGNATURE----- Version: GnuPG v2 iQEcBAEBCAAGBQJVLoRHAAoJEBC+iYPz1Z1kO6wIAL9ONDnBUaddsmnW8wMvBScS G9Lx4gnP6+3zh9MS3h+c71udMwjqDntoHmZ214Dlc8dDT2o2XDb1ATxbtkdW5oNA UYTJgrBlwWFeeR5p7tliIwEZVviUULb52RIQUUNzEd/vKgXuOvluIBYPnln2wulw o81qAVs+ObUqohEFk7H2/SSkgbPNkqjmdgpVIDGmQNoXOWzKV65q7RBWXqLRYb4B 2ujGpt9YEtlzw2Elnkeb7ygwZWDnXcLwOX3r6EITWEJXBhNA0Z4tCcBL/N6tIbZf xjJt5yey+QudxHr8GfOfk9Fccicueh7fSgPRqGvS23BF8tGVd4Bo9ijsiz0tqUA= =G6c1 -----END PGP SIGNATURE-----
Powered by blists - more mailing lists