{
  "schema_version": "1.7.0",
  "id": "MGASA-2013-0265",
  "published": "2013-08-30T17:33:18Z",
  "modified": "2013-08-30T17:33:12Z",
  "summary": "Updated ngircd package fixes CVE-2013-5580",
  "details": "Updated ngircd package fixes security vulnerability:\n\nDenial of service bug (server crash) in ngIRCd before 20.3 which could happen\nwhen the configuration option \"NoticeAuth\" is enabled (which is NOT the\ndefault) and ngIRCd failed to send the \"notice auth\" messages to new clients\nconnecting to the server (CVE-2013-5580).\n",
  "upstream": [
    "CVE-2013-5580"
  ],
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://advisories.mageia.org/MGASA-2013-0265.html"
    },
    {
      "type": "WEB",
      "url": "http://arthur.barton.de/pipermail/ngircd-ml/2013-August/000645.html"
    },
    {
      "type": "WEB",
      "url": "http://ngircd.barton.de/news.php.en"
    },
    {
      "type": "REPORT",
      "url": "https://bugs.mageia.org/show_bug.cgi?id=11082"
    }
  ],
  "affected": [
    {
      "package": {
        "ecosystem": "Mageia:3",
        "name": "ngircd",
        "purl": "pkg:rpm/mageia/ngircd?arch=source&distro=mageia-3"
      },
      "ranges": [
        {
          "type": "ECOSYSTEM",
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "20.3-1.mga3"
            }
          ]
        }
      ],
      "ecosystem_specific": {
        "section": "core"
      }
    }
  ],
  "credits": [
    {
      "name": "Mageia",
      "type": "COORDINATOR",
      "contact": [
        "https://wiki.mageia.org/en/Packages_Security_Team"
      ]
    }
  ]
}
