-------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2019-154930f99b 2019-09-25 01:57:20.925527 --------------------------------------------------------------------------------
Name : znc Product : Fedora 29 Version : 1.7.4 Release : 4.fc29 URL : https://znc.in Summary : An advanced IRC bouncer Description : ZNC is an IRC bouncer with many advanced features like detaching, multiple users, per channel playback buffer, SSL, IPv6, transparent DCC bouncing, Perl and C++ module support to name a few.
-------------------------------------------------------------------------------- Update Information:
Fixes CVE-2019-12816 -------------------------------------------------------------------------------- ChangeLog:
* Mon Aug 19 2019 Miro Hron��ok mhroncok@redhat.com - 1.7.4-4 - Rebuilt for Python 3.8 * Mon Aug 19 2019 Miro Hron��ok mhroncok@redhat.com - 1.7.4-3 - Rebuilt for Python 3.8 * Sat Jul 27 2019 Fedora Release Engineering releng@fedoraproject.org - 1.7.4-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_31_Mass_Rebuild * Fri Jul 5 2019 Nick Bebout nb@fedoraproject.org - 1.7.4-1 - Update to 1.7.4 to fix CVE-2019-12816 * Thu May 30 2019 Jitka Plesnikova jplesnik@redhat.com - 1.7.3-2 - Perl 5.30 rebuild * Tue Apr 9 2019 Nick Bebout nb@fedoraproject.org - 1.7.3-1 - Update to 1.7.3 * Wed Mar 27 2019 Nick Bebout nb@fedoraproject.org - 1.7.3-0.1 - Update to 1.7.3-rc1 to fix CVE-2019-9917 * Sun Feb 3 2019 Fedora Release Engineering releng@fedoraproject.org - 1.7.2-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_30_Mass_Rebuild * Tue Jan 29 2019 Jason L Tibbitts III tibbs@math.uh.edu - 1.7.2-1 - Update to 1.7.2. - Fix three paths in the manpage (#1624519). * Wed Jan 23 2019 Pete Walter pwalter@fedoraproject.org - 1.7.1-4 - Rebuild for ICU 63 * Fri Aug 24 2018 Todd Zullinger tmz@pobox.com - 1.7.1-3 - Clean up ancient Fedora and RHEL conditionals - Remove cruft from %prep - Use %autosetup, %make_build, and %make_install macros - Use https for URL and SOURCE tags - Check upstream GPG signature in %prep - Simplify %{_libdir}/znc/ file list - Enable verbose make - Pass --with-tcl to ensure tclConfig.sh is found - Remove Group tag - Use system-wide crypto policy - Use %license tag for LICENSE file - Add ChangeLog.md and NOTICE files to %doc - Move znc-buildmod.1 to znc-devel -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1726159 - CVE-2019-12816 znc: invalid encoding leading to remote code execution [epel-7] https://bugzilla.redhat.com/show_bug.cgi?id=1726159 [ 2 ] Bug #1726160 - CVE-2019-12816 znc: invalid encoding leading to remote code execution [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1726160 --------------------------------------------------------------------------------
This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2019-154930f99b' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label
All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys --------------------------------------------------------------------------------