Advisories » MGASA-2014-0543

Updated znc package fixes CVE-2014-9403

Publication date: 21 Dec 2014
Modification date: 21 Dec 2014
Type: security
Affected Mageia releases : 4
CVE: CVE-2014-9403

Description

Updated znc packages fix security vulnerability:

Adding an already existing channel to a user/network via web admin in ZNC
causes a crash if the channel name isn't prefixed with '#' (CVE-2014-9403).
                

References

• https://bugs.mageia.org/show_bug.cgi?id=14855
• http://www.gentoo.org/security/en/glsa/glsa-201412-31.xml
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9403

SRPMS

4/core

• znc-1.0-4.1.mga4