oss-sec mailing list archives

Re: CVE request: znc

From: Henri Salo <henri () nerv fi>
Date: Mon, 9 Jan 2012 13:17:33 +0200

On Sun, Jan 08, 2012 at 04:39:48PM +0100, Moritz Muehlenhoff wrote:

Hi,
please assign a CVE ID to a DoS issue in the ZNC IRC bouncer.

I don't have a upstream reference, but the upstream patch applied 
by the Debian maintainer can be found here:

http://patch-tracker.debian.org/patch/series/view/znc/0.202-2/01-fix-bouncedcc-dos.diff 
http://packages.qa.debian.org/z/znc/news/20120107T145601Z.html

Cheers,
        Moritz


Here is the changelog: http://wiki.znc.in/ChangeLog/0.202
This looks a bit like Debian-patch: 
https://github.com/znc/znc/commit/6ae491ca66e8f7d8c4fe3caca3adbe147c7e552c#modules/bouncedcc.cpp

- Henri Salo

Current thread:

CVE request: znc Moritz Muehlenhoff (Jan 08)
- Re: CVE request: znc Henri Salo (Jan 09)
  - Re: CVE request: znc Henri Salo (Jan 09)
    - Re: CVE request: znc Kurt Seifried (Jan 09)