-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Format: 1.8 Date: Fri, 24 Jul 2009 13:46:00 +0200 Source: znc Binary: znc znc-dbg znc-dev znc-perl znc-webadmin Architecture: source i386 Version: 0.074-1 Distribution: unstable Urgency: high Maintainer: Patrick Matthäi <pmatthaei@debian.org> Changed-By: Patrick Matthäi <pmatthaei@debian.org> Description: znc - an advanced IRC bouncer znc-dbg - an advanced IRC bouncer (debugging symbols) znc-dev - an advanced IRC bouncer (development headers) znc-perl - an advanced IRC bouncer (Perl extension) znc-webadmin - an advanced IRC bouncer (webadmin module) Closes: 537977 Changes: znc (0.074-1) unstable; urgency=high . * New upstream release. - Bump urgency to high. This release fixes an high-impact directory traversal buf, where unpriviliged users can save about DCC SEND files on the server with the rights of the znc process. The attacker could also use the exploit to get a shell on the server. Closes: #537977 - Use c-ares for DNS resolving, add libc-ares-dev and pkg-config as build-dependency. * Merge 0.058-2+lenny2, 0.058-2+lenny3, 0.070-1~bpo40+1 and 0.070-1~bpo50+1 changelog. * Bump Standards-Version to 3.8.2 (no changes needed). Checksums-Sha1: fb4240b939f9040438e6ddaade4f55f9ba59f347 1047 znc_0.074-1.dsc 52b49047f57e6f65af6c3e59e019bb3537fbec36 401554 znc_0.074.orig.tar.gz 3fca6cc1225e073019ef9cd68cb4145a90ed65cb 8632 znc_0.074-1.diff.gz 4b52289591e66e598ef7c910a359068d08b936f1 889704 znc_0.074-1_i386.deb f4a3837c4b57637e0799635a5e55f73d6991cdcc 4487538 znc-dbg_0.074-1_i386.deb eb2fcded5bd23607a44862201cd89aaaf4f64007 54576 znc-dev_0.074-1_i386.deb eea5a88f15ab6316aaf11679d202a4bd5bd7dc59 61552 znc-perl_0.074-1_i386.deb 2bde317d9b56b5ed16760fa94d5b00d52a4b42df 209450 znc-webadmin_0.074-1_i386.deb Checksums-Sha256: bd3179715349d9a9ec0cb743abab2be58dc6c021d93fedeb1cbd4e35c87c86d8 1047 znc_0.074-1.dsc 40a655833a095b9131b86c9d9ffdeaf25676076ec3239a81ae274694a67762a7 401554 znc_0.074.orig.tar.gz 77882d2baff8c08d212121c6d30e1afa4286e9b588d756a71a1085a066277407 8632 znc_0.074-1.diff.gz e5534878e7d06eef20afb1a08c4fde10560d2ff82e375e2337e861ac9b96d94e 889704 znc_0.074-1_i386.deb 12d01d98f4fc6139cd0755358834bb575067d6b77b9188afa11dba655d25597b 4487538 znc-dbg_0.074-1_i386.deb 4c579a95efa24e278204796f65c5c9888c6bc291bea99cc64b8e92ccaf68a7f5 54576 znc-dev_0.074-1_i386.deb 7756599d2a87b1c10215477180e50e7b1b5d603ee0a4a9f4c93c6f64ef07cdc9 61552 znc-perl_0.074-1_i386.deb a72c094ba95cb9ffc0374997c3adf187040cd341e0cb710888c951f0f13ff501 209450 znc-webadmin_0.074-1_i386.deb Files: 07f231b6eca8c40d841e0d2cf1d53f2d 1047 net optional znc_0.074-1.dsc 378187acd114769f8f97ef2d4b19da25 401554 net optional znc_0.074.orig.tar.gz 990a443d2c2dd859be81894e90632c50 8632 net optional znc_0.074-1.diff.gz a5d550832b8576fdca7cdf903f85b553 889704 net optional znc_0.074-1_i386.deb af90b09e866b1e7832164aedfeec7dca 4487538 debug extra znc-dbg_0.074-1_i386.deb 2e45a9df6751efc722cc8a1622dbac58 54576 net optional znc-dev_0.074-1_i386.deb 69189fbc12d8d9b952a0af3d698d2a76 61552 net optional znc-perl_0.074-1_i386.deb b7299c08c1f978b7e3095ebe395d1c2e 209450 net optional znc-webadmin_0.074-1_i386.deb -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.9 (GNU/Linux) iEYEARECAAYFAkppoiIACgkQ2XA5inpabMdyigCghuBEzW1O4jnRkGf1tE4aHCxj wLEAoIKKumWIHUX103GiwZH6cORVtpSd =WTME -----END PGP SIGNATURE----- Accepted: znc-dbg_0.074-1_i386.deb to pool/main/z/znc/znc-dbg_0.074-1_i386.deb znc-dev_0.074-1_i386.deb to pool/main/z/znc/znc-dev_0.074-1_i386.deb znc-perl_0.074-1_i386.deb to pool/main/z/znc/znc-perl_0.074-1_i386.deb znc-webadmin_0.074-1_i386.deb to pool/main/z/znc/znc-webadmin_0.074-1_i386.deb znc_0.074-1.diff.gz to pool/main/z/znc/znc_0.074-1.diff.gz znc_0.074-1.dsc to pool/main/z/znc/znc_0.074-1.dsc znc_0.074-1_i386.deb to pool/main/z/znc/znc_0.074-1_i386.deb znc_0.074.orig.tar.gz to pool/main/z/znc/znc_0.074.orig.tar.gz
