-------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2019-d5ad4a435c 2019-04-23 20:13:25.293520 --------------------------------------------------------------------------------
Name : znc Product : Fedora 29 Version : 1.7.3 Release : 1.fc29 URL : https://znc.in Summary : An advanced IRC bouncer Description : ZNC is an IRC bouncer with many advanced features like detaching, multiple users, per channel playback buffer, SSL, IPv6, transparent DCC bouncing, Perl and C++ module support to name a few.
-------------------------------------------------------------------------------- Update Information:
Fixes CVE-2019-9917 -------------------------------------------------------------------------------- ChangeLog:
* Tue Apr 9 2019 Nick Bebout nb@fedoraproject.org - 1.7.3-1 - Update to 1.7.3 * Wed Mar 27 2019 Nick Bebout nb@fedoraproject.org - 1.7.3-0.1 - Update to 1.7.3-rc1 to fix CVE-2019-9917 * Sun Feb 3 2019 Fedora Release Engineering releng@fedoraproject.org - 1.7.2-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_30_Mass_Rebuild * Tue Jan 29 2019 Jason L Tibbitts III tibbs@math.uh.edu - 1.7.2-1 - Update to 1.7.2. - Fix three paths in the manpage (#1624519). * Wed Jan 23 2019 Pete Walter pwalter@fedoraproject.org - 1.7.1-4 - Rebuild for ICU 63 * Fri Aug 24 2018 Todd Zullinger tmz@pobox.com - 1.7.1-3 - Clean up ancient Fedora and RHEL conditionals - Remove cruft from %prep - Use %autosetup, %make_build, and %make_install macros - Use https for URL and SOURCE tags - Check upstream GPG signature in %prep - Simplify %{_libdir}/znc/ file list - Enable verbose make - Pass --with-tcl to ensure tclConfig.sh is found - Remove Group tag - Use system-wide crypto policy - Use %license tag for LICENSE file - Add ChangeLog.md and NOTICE files to %doc - Move znc-buildmod.1 to znc-devel -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1692771 - CVE-2019-9917 znc: crash on invalid encoding [epel-7] https://bugzilla.redhat.com/show_bug.cgi?id=1692771 [ 2 ] Bug #1692770 - CVE-2019-9917 znc: crash on invalid encoding [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1692770 [ 3 ] Bug #1691613 - znc-1.7.3-rc1 is available https://bugzilla.redhat.com/show_bug.cgi?id=1691613 --------------------------------------------------------------------------------
This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2019-d5ad4a435c' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label
All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys --------------------------------------------------------------------------------