[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Announcing irc 2.9.2 PL 3
Announcing irc 2.9.2 PL 3
Release 2.9.2 PL 3 of the IRC software is a response to the
recent bug mentionned on BUGTRAQ. There is no new feature.
All 2.9.x versions (except 2.9.2 PL 3) are vulnerable to a
buffer overflow which let anyone able to connect to the
server crash it. This is a serious security threat and I
have received reports that it might be actively exploited to
break in machines: 2 servers on IRCNET have recently been
compromised and this might be related to the buffer overflow
in ircd.
The new version, as well as a diff to upgrade are available.
http://www.stealth.net/~kalt/irc/src/irc2.9.2p3.tgz
http://www.stealth.net/~kalt/irc/src/diff.irc2.9.2p2_to_p3
--
People running a 2.9.3beta should upgrade to 2.9.3b20 which
has the bug fix.