[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Announcing irc 2.9.2 PL 3

To: ircd-users@xxxxxxxxxxx
Subject: Announcing irc 2.9.2 PL 3
From: Christophe Kalt <kalt@xxxxxxxxxxx>
Date: Wed, 2 Jul 1997 14:30:18 -0400

        Announcing irc 2.9.2 PL 3
        
Release 2.9.2 PL 3 of the IRC software is a response to the
recent bug mentionned on BUGTRAQ.  There is no new feature.

All 2.9.x versions (except 2.9.2 PL 3) are vulnerable to a
buffer overflow which let anyone able to connect to the
server crash it.  This is a serious security threat and I
have received reports that it might be actively exploited to
break in machines: 2 servers on IRCNET have recently been
compromised and this might be related to the buffer overflow
in ircd.

The new version, as well as a diff to upgrade are available.
 
http://www.stealth.net/~kalt/irc/src/irc2.9.2p3.tgz
http://www.stealth.net/~kalt/irc/src/diff.irc2.9.2p2_to_p3

--

People running a 2.9.3beta should upgrade to 2.9.3b20 which
has the bug fix.

Prev by Date: Exception lines (E:lines) patch
Next by Date: question...
Previous by thread: Exception lines (E:lines) patch
Next by thread: question...
Index(es):
- Date
- Thread