-
znc (0.092-3~lucid1) lucid-backports; urgency=low
* Automated backport upload; no source changes.
znc (0.092-3) unstable; urgency=medium
* Add patch 04-null-pointer-dereference.diff from upstream, which fixes an
NULL pointer dereference in the route_replies module.
znc (0.092-2) unstable; urgency=medium
* Merge 0.092-1~bpo50+1 changelog.
* Add upstream patch 01-out-of-range-error.diff, which fixes a DoS from
authenticated users.
Closes: #592064
* Add upstream patch 02-inc-port-in-cookie.diff, which adds the port number
of the znc instance to the cookie name, to avoid cookie clashes with more
than a single znc instance per IP and user.
* Add upstream patch 03-attach-channels-on-joining.diff, which ensures, that
channels are always attached on joining them.
znc (0.092-1~bpo50+1) lenny-backports; urgency=low
* Rebuild for lenny-backports.
- Revert the 3.0 (quilt) format.
znc (0.092-1) unstable; urgency=low
* New upstream release.
- Remove 01-null-pointer-traffic.diff, merged by upstream.
* Bump Standards-Version to 3.9.0.
- Use Breaks instead of Conflicts in some situations.
- Fix BSD license in debian/copyright.
znc (0.090-2) unstable; urgency=high
* Add patch 01-null-pointer-traffic.diff, which fixes a NULL pointer
dereference in the traffic stats.
Closes: #584929
znc (0.090-1) unstable; urgency=low
* New usptream release.
* Add missing replaces to the znc package against the removed znc-webadmin
one.
znc (0.090~rc1-1) unstable; urgency=low
* New upstream release candidate.
- Drop znc-webadmin package. It is now provided in the core source code.
- Rename discon_kick module to disconkick.
- Add charset and notes module.
* Add missing dependency on libc-ares-dev to znc-dev.
znc (0.080-1) unstable; urgency=low
* New upstream release
znc (0.080~rc1-1) unstable; urgency=low
* New upstream release candidate.
- Add new modules flooddetach, clientnotify and block_motd.
* Merge 0.078-1~bpo50+1 changelog.
* Bump Standards-Version to 3.8.4 (no changes needed).
-- Scott Kitterman <email address hidden> Wed, 11 May 2011 13:34:53 +0000
-
znc (0.078-1ubuntu0.1) lucid-security; urgency=low
* SECURITY UPDATE: denial of service caused by NULL pointer dereference
(LP: #1090195)
- debian/patches/cve-2010-2448.patch: modify znc.cpp to prevent NULL
pointer dereference. Based on upstream patch.
- CVE-2010-2448
- CVE-2010-2488
* SECURITY UPDATE: denial of service caused by PING command without
arguments (LP: #1090195)
- debian/patches/cve-2010-2812.patch: modify Client.cpp to correctly
handle PING commands that have no arguments. Based on upstream patch.
- CVE-2010-2812
* SECURITY UPDATE: denial of service via unknown vectors related to
"unsafe substr() calls" (LP: #1090195)
- debian/patches/cve-2010-2934.patch: modify IRCSock.cpp,
modules/adminlog.cpp, modules/away.cpp, and modules/email.cpp to
remove unsafe substr() calls. Based on upstream patch.
- CVE-2010-2934
-- Thomas Ward <email address hidden> Tue, 18 Dec 2012 06:29:44 +0000
-
znc (0.078-1) unstable; urgency=low
* New upstream release.
- connect_throttle module has been dropped.
- Remove dropped znc.conf from examples.
* Merge 0.076-1~bpo50+1 changelog.
* Convert package to the 3.0 (quilt) format.
-- Ubuntu Archive Auto-Sync <email address hidden> Tue, 05 Jan 2010 06:08:15 +0000
-
znc (0.076-1) unstable; urgency=low
* New upstream release.
znc (0.076~rc1-1) unstable; urgency=low
* New upstream release candidate.
* Fix long description of znc-extra. Tcl is not anymore part of it.
* Enable building of the saslauth module with patch from Miguelangel Jose
Freitas Loreto and install it to the znc-extra package.
Closes: #547333
znc (0.076~beta1-1) unstable; urgency=low
* New upstream beta release.
- znc-extra has been merged in the main znc tree. Build and install them to
the new znc-extra package.
- Install the Tcl module to the znc-tcl package.
* s/perl/Perl/ in long description of the znc-perl package.
* Conflict again the old znc-extra-dbg package at znc-dbg.
* Use dh_install with --list-missing, so I do not forget an module.
* Bump Standards-Version to 3.8.3 (no changes needed).
* Add missing licenses.
znc (0.074-2) unstable; urgency=low
* Merge 0.045-3+etch2, 0.045-3+etch3, 0.074-1~bpo40+1 and 0.074-1~bpo50+1
changelog.
* Add versioned recommends on znc-extra.
Closes: #541305
-- Ubuntu Archive Auto-Sync <email address hidden> Fri, 06 Nov 2009 10:41:42 +0000
-
znc (0.074-1) unstable; urgency=high
* New upstream release.
- Bump urgency to high. This release fixes an high-impact directory
traversal buf, where unpriviliged users can save about DCC SEND files on
the server with the rights of the znc process. The attacker could also
use the exploit to get a shell on the server.
Closes: #537977
- Use c-ares for DNS resolving, add libc-ares-dev and pkg-config as
build-dependency.
* Merge 0.058-2+lenny2, 0.058-2+lenny3, 0.070-1~bpo40+1 and 0.070-1~bpo50+1
changelog.
* Bump Standards-Version to 3.8.2 (no changes needed).
-- Krzysztof Klimonda <email address hidden> Sat, 15 Aug 2009 18:10:51 +0100
