LWN.net Logo

Not logged in

Log in now

Create an account

Subscribe to LWN

Recent Features

LWN.net Weekly Edition for May 16, 2013

A look at the PyPy 2.0 release

PostgreSQL 9.3 beta: Federated databases and more

LWN.net Weekly Edition for May 9, 2013

(Nearly) full tickless operation in 3.10

Printable page
Weekly edition Kernel Security Distributions Contact Us Search
Archives Calendar Subscribe Write for LWN LWN.net FAQ Sponsors

Fedora alert FEDORA-2010-9312 (ircd-hybrid)



From:
    	      updates@fedoraproject.org 


To:
    	      package-announce@lists.fedoraproject.org 


Subject:
    	      [SECURITY] Fedora 12 Update: ircd-hybrid-7.2.3-11.fc12 


Date:
    	      Tue, 08 Jun 2010 19:30:46 +0000


Message-ID:
    	      <20100608193046.43DEC10F80C@bastion02.phx2.fedoraproject.org>


Archive-link:
    	      Article, Thread
              


--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2010-9312
2010-05-31 17:43:32
--------------------------------------------------------------------------------

Name        : ircd-hybrid
Product     : Fedora 12
Version     : 7.2.3
Release     : 11.fc12
URL         : http://www.ircd-hybrid.org/
Summary     : Internet Relay Chat Server
Description :
Ircd-hybrid is an advanced IRC server which is most commonly used on the
EFNet IRC network.

--------------------------------------------------------------------------------
Update Information:

Two vulnerabilities were reported in ircd-hybrid, ircd-ratbox, and oftc-hybrid.
The first is an integer overflow that can lead to a denial of service or,
possibly, the execution of arbitrary code on the ircd server (CVE-2009-4016
(patch [1])), the second is a NULL pointer dereference that can lead to a
denial of service of the ircd server (CVE-2010-0300 (patch [2])).    This has
been corrected in upstream ircd-ratbox 2.2.9 [3].  CVE-2010-0300 may  be ircd-
ratbox specific, however CVE-2009-4016 affects both ircd servers.    [1]
http://ircd.ratbox.org/cgi-bin/index.cgi/ircd-
ratbox/branches/RATBOX_3_0/src/cache.c?r1=26334&r2=26732  [2]
http://trac.oftc.net/projects/oftc-hybrid/changeset/1062  [3]
http://lists.ratbox.org/pipermail/ircd-ratbox/2010-Januar...
--------------------------------------------------------------------------------
ChangeLog:

* Sat May 29 2010 Rakesh Pandit <rakesh@fedoraproject.org> - 7.2.3-11
- BZ Bug 559383 - CVE-2009-4016 CVE-2010-0300 ircd-{hybrid,ratbox}: multiple vulnerabilities
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #559382 - CVE-2009-4016 CVE-2010-0300 ircd-{hybrid,ratbox}: multiple vulnerabilities
        https://bugzilla.redhat.com/show_bug.cgi?id=559382
--------------------------------------------------------------------------------

This update can be installed with the "yum" update program.  Use 
su -c 'yum update ircd-hybrid' at the command line.
For more information, refer to "Managing Software with yum",
available at http://docs.fedoraproject.org/yum/.

All packages are signed with the Fedora Project GPG key.  More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
_______________________________________________
package-announce mailing list
package-announce@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/package-...
(Log in to post comments)

Copyright © 2013, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds