-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Format: 1.8 Date: Fri, 14 Jun 2019 11:13:39 +0200 Source: znc Binary: znc znc-dbg znc-dev znc-perl znc-python znc-tcl Architecture: source amd64 Version: 1.6.5-1+deb9u2 Distribution: stretch-security Urgency: high Maintainer: Patrick Matthäi Changed-By: Patrick Matthäi Description: znc - advanced modular IRC bouncer znc-dbg - advanced modular IRC bouncer (debugging symbols) znc-dev - advanced modular IRC bouncer (development headers) znc-perl - advanced modular IRC bouncer (Perl extension) znc-python - advanced modular IRC bouncer (Python extension) znc-tcl - advanced modular IRC bouncer (Tcl extension) Closes: 925285 Changes: znc (1.6.5-1+deb9u2) stretch-security; urgency=high . * Add upstream patch 03-CVE-2019-12816 to fix a remote code execution by elevating privileges as described in CVE-2019-12816. * Add patch 04-CVE-2019-9917 to fix CVE-2019-9917: Denial of Service (crash) via invalid encoding. Much thanks to Santiago Ruano Rincón for this patch! Closes: #925285 Checksums-Sha1: da7df6247f9c8e41752e5619ef1bf48653959bc6 2028 znc_1.6.5-1+deb9u2.dsc 4c2634a91695bbf20473cb01d53baf3d0638a663 1470681 znc_1.6.5.orig.tar.gz f37cb815554a68955bd1a246003a2036be743716 20676 znc_1.6.5-1+deb9u2.debian.tar.xz 5ebe864a341040368e8e3aaf10017a59d0803774 25096038 znc-dbg_1.6.5-1+deb9u2_amd64.deb 94dcba72a25767f0c100e00bf76476dc835d98da 100698 znc-dev_1.6.5-1+deb9u2_amd64.deb 04e88c49e5e807a9bc1baa76612270153287c0c4 612780 znc-perl_1.6.5-1+deb9u2_amd64.deb 3daa45a49ca49ddd34656d7e1c6056164326bc8b 641388 znc-python_1.6.5-1+deb9u2_amd64.deb 9ed4ed526aea6c014752a97b1b8eab00204c2590 71128 znc-tcl_1.6.5-1+deb9u2_amd64.deb f617dc1d1930aafe6cebfcb09ef0ff6898104e30 8188 znc_1.6.5-1+deb9u2_amd64.buildinfo 8f099d47c5f3343f8f6d8c97faad4c0469388368 1453364 znc_1.6.5-1+deb9u2_amd64.deb Checksums-Sha256: ab7b2fe9f166d2ec534e71e8228d4a15fde71dd847335ba41b17d36c973bf9a5 2028 znc_1.6.5-1+deb9u2.dsc 2f0225d49c53a01f8d94feea4619a6fe92857792bb3401a4eb1edd65f0342aca 1470681 znc_1.6.5.orig.tar.gz 5aa408dcf83f894bfba8b032dd50deefb025fb04e42780844fa0d8822cf6b507 20676 znc_1.6.5-1+deb9u2.debian.tar.xz ce847442c0e674d4ee5595eef915e7e50c5617940a8ff96825eb5083aca8644d 25096038 znc-dbg_1.6.5-1+deb9u2_amd64.deb 44e8e85c2a1952e1f69de565343968e55f38b09a9fad50169ef25956c54e917a 100698 znc-dev_1.6.5-1+deb9u2_amd64.deb 875a170c796937dc84415b8909816afa01a4cba408d02cf1fe18983aaa5dbe22 612780 znc-perl_1.6.5-1+deb9u2_amd64.deb d9bf90ea1c16c5b546ff9218f4680227bf12c5569984e6f8cfb8bc0722fe19b8 641388 znc-python_1.6.5-1+deb9u2_amd64.deb d56c66f9ef6c105852855fe44ebb3f61cb518eba42733ac7ab3322709b938474 71128 znc-tcl_1.6.5-1+deb9u2_amd64.deb ce63c22653552815c1d842b1a7287fa898abfa986043762ae1c0898800c12430 8188 znc_1.6.5-1+deb9u2_amd64.buildinfo dd51bc66e2743762cf768a4489a5beaf747cc209db4087510d60c4f223bc26f5 1453364 znc_1.6.5-1+deb9u2_amd64.deb Files: 5df8bf2524517cc94354473502f37117 2028 net optional znc_1.6.5-1+deb9u2.dsc ab22e4e94cdd04c5644c4d9213149af0 1470681 net optional znc_1.6.5.orig.tar.gz 558a40c2e5311c0416ff10109e1001c8 20676 net optional znc_1.6.5-1+deb9u2.debian.tar.xz ce645e1bb0e69b1ce92f5a811c9f53d3 25096038 debug extra znc-dbg_1.6.5-1+deb9u2_amd64.deb a31df5b38d7c3cacc3c9eebb1f932ec1 100698 net optional znc-dev_1.6.5-1+deb9u2_amd64.deb 665d60317b00c25f7df5241897f40633 612780 net optional znc-perl_1.6.5-1+deb9u2_amd64.deb 33f4e81013519dd2833cce6fb045ab98 641388 net optional znc-python_1.6.5-1+deb9u2_amd64.deb 3bc51b2e248b4d4f16d7f500594b6212 71128 interpreters optional znc-tcl_1.6.5-1+deb9u2_amd64.deb f879239cc7e88b65c80edaf9bb795cde 8188 net optional znc_1.6.5-1+deb9u2_amd64.buildinfo 84e27b4a444e39cadf9fb4cef3f2c379 1453364 net optional znc_1.6.5-1+deb9u2_amd64.deb -----BEGIN PGP SIGNATURE----- iQIzBAEBCAAdFiEEWKA9xYJCWk3IuQ4TEtmwSpDL2OQFAl0DfzAACgkQEtmwSpDL 2OT4Xw//SOkrLEpu05x2/z6qAUclfUttgGcKe9gdtP1NfkqbBrJ9Nof7vTk4171J mNGSEzYFT0+E7WfH+PcUaWuzPV3tT65axwuwDjWZsU0PqmVqnZUP+pYMw2Gow0I2 uZDwrTzm7NJAx8ofizeFIPzdzPux+c+ZDsKqh1qGwdOQjXJCs4dIxaKB+JmFrRQH RC9G16cGer4DPJUfnVC62MUOwpjXKkqKXZXQsy2/TsCc4nGwMOuQsG7K9AWgGHPl cCYn9VFcMD4qJSlSlXJnkCezEWf6XZBUfNJ3722SaMfrFmQcoUTQ5aki1MBb0h1d ww6+QXvDdSFVZTyq6ud+Cv+uZXDkTwWEzZkkXJy+lacJriNw9OUeBvDctdNE485M OkTNwEl68ajOrsO1Cfmm2O0FFeWvf8iDDmBDA/SfI7Gt3T2QzZIuTQ+jQgyoEqzc V+ncmVU2pH98SKtmoPzQZ32z9fWaY3PrQL38Ib1O6LaEtzuYos2MlVbzLdLa+HMK 5O0Wj6t8Y8DeoqLdy18kyp3R3mGHuzcMVYJNJgHeFjIxtTmcgtr1y/YZMiiiABi5 1WF1oEVwrlQmtp5tOgKakGd5l+fXmrQ0oyK46PQL4jo4Th/BMuJHsZPoQZC9HozN e6SZtiGPnTf9jX3tIaIfqAVVD/39xD2L+twYEHy6Wt4eGwSBklQ= =5W13 -----END PGP SIGNATURE-----