Bug 143241 - [maintainer-update|patch] irc/ircd-ratbox-devel: Security fix release
Summary: [maintainer-update|patch] irc/ircd-ratbox-devel: Security fix release
Status: Closed FIXED
Alias: None
Product: Ports & Packages
Classification: Unclassified
Component: Individual Port(s) (show other bugs)
Version: Latest
Hardware: Any Any
: Normal Affects Only Me
Assignee: Nemo Liu
Depends on:
Reported: 2010-01-26 03:20 UTC by moggie
Modified: 2010-01-28 21:30 UTC (History)
0 users

See Also:

ircd-ratbox-devel-3.0.6.diff (1.04 KB, patch)
2010-01-26 03:20 UTC, moggie
no flags Details | Diff
file.diff (1.87 KB, patch)
2010-01-26 03:20 UTC, moggie
no flags Details | Diff

Note You need to log in before you can comment on or make changes to this bug.
Description moggie 2010-01-26 03:20:03 UTC
A vulnerability has been discovered in the 3.0.x branch of ratbox which affects the '/links' module.

The vulnerability enables a user to trigger an event that can cause the IRCD to crash. This issue has been corrected in the ircd-ratbox-3.0.6 release. All IRCD admins running previous versions are advised to upgrade immediately.

As a temporary work-around, the m_links.so module can be unloaded until the upgrade takes place.
Comment 1 Nemo Liu freebsd_committer 2010-01-26 07:23:23 UTC
Responsible Changed
From-To: freebsd-ports-bugs->nemoliu

I'll take it.
Comment 2 dfilter service freebsd_committer 2010-01-28 21:27:43 UTC
miwi        2010-01-28 21:27:34 UTC

  FreeBSD ports repository

  Modified files:
    irc/ircd-ratbox-devel Makefile distinfo 
  Removed files:
    irc/ircd-ratbox-devel/files patch-libratbox_src_commio.c 
  - Update to 3.0.6
  PR:             143241
  Submitted by:   moggie <moggie@elasticmind.net> (maintainer)
  With hat:       secteam
  Security:       http://www.vuxml.org/freebsd/192609c8-0c51-11df-82a0-00248c9b4be7.html
  Revision  Changes    Path
  1.25      +1 -2      ports/irc/ircd-ratbox-devel/Makefile
  1.19      +3 -3      ports/irc/ircd-ratbox-devel/distinfo
  1.2       +0 -11     ports/irc/ircd-ratbox-devel/files/patch-libratbox_src_commio.c (dead)
cvs-all@freebsd.org mailing list
To unsubscribe, send any mail to "cvs-all-unsubscribe@freebsd.org"
Comment 3 Martin Wilke freebsd_committer 2010-01-28 21:27:54 UTC
State Changed
From-To: open->closed

documented and updated with my secteam hat on.