ngIRCd: Patch to update ngIRCd 0.10.2 to version 0.10.3. ChangeLog | 7 ++++++- configure.in | 4 ++-- contrib/Debian/changelog | 6 ++++++ contrib/ngircd.spec | 2 +- src/ngircd/irc-channel.c | 6 ++++-- 5 files changed, 19 insertions(+), 6 deletions(-) Index: ChangeLog =================================================================== RCS file: /srv/cvs/ngircd/ngircd/ChangeLog,v retrieving revision 1.302.2.17 retrieving revision 1.302.2.19 diff -u -p -r1.302.2.17 -r1.302.2.19 --- ChangeLog 8 Jun 2007 09:05:23 -0000 1.302.2.17 +++ ChangeLog 31 Jul 2007 19:33:51 -0000 1.302.2.19 @@ -10,6 +10,11 @@ -- ChangeLog -- +ngIRCd 0.10.3 (2007-07-31) + + - SECURITY: Fixed a severe bug in handling JOIN commands, which could + cause the server to crash. Thanks to Sebastian Vesper, . + ngIRCd 0.10.2 (2007-06-08) ngIRCd 0.10.2-pre2 (2007-05-19) @@ -689,4 +694,4 @@ ngIRCd 0.0.1, 31.12.2001 -- -$Id: ChangeLog,v 1.302.2.17 2007/06/08 09:05:23 alex Exp $ +$Id: ChangeLog,v 1.302.2.19 2007/07/31 19:33:51 alex Exp $ Index: configure.in =================================================================== RCS file: /srv/cvs/ngircd/ngircd/configure.in,v retrieving revision 1.118.2.12 retrieving revision 1.118.2.13 diff -u -p -r1.118.2.12 -r1.118.2.13 --- configure.in 8 Jun 2007 09:05:23 -0000 1.118.2.12 +++ configure.in 31 Jul 2007 19:07:59 -0000 1.118.2.13 @@ -8,13 +8,13 @@ # (at your option) any later version. # Please read the file COPYING, README and AUTHORS for more information. # -# $Id: configure.in,v 1.118.2.12 2007/06/08 09:05:23 alex Exp $ +# $Id: configure.in,v 1.118.2.13 2007/07/31 19:07:59 alex Exp $ # # -- Initialisation -- AC_PREREQ(2.50) -AC_INIT(ngircd, 0.10.2) +AC_INIT(ngircd, 0.10.3) AC_CONFIG_SRCDIR(src/ngircd/ngircd.c) AC_CANONICAL_TARGET AM_INIT_AUTOMAKE(1.6) Index: contrib/ngircd.spec =================================================================== RCS file: /srv/cvs/ngircd/ngircd/contrib/ngircd.spec,v retrieving revision 1.4.6.5 retrieving revision 1.4.6.6 diff -u -p -r1.4.6.5 -r1.4.6.6 --- contrib/ngircd.spec 8 Jun 2007 09:05:23 -0000 1.4.6.5 +++ contrib/ngircd.spec 31 Jul 2007 19:08:00 -0000 1.4.6.6 @@ -1,5 +1,5 @@ %define name ngircd -%define version 0.10.2 +%define version 0.10.3 %define release 1 %define prefix %{_prefix} Index: contrib/Debian/changelog =================================================================== RCS file: /srv/cvs/ngircd/ngircd/contrib/Debian/changelog,v retrieving revision 1.12.2.8 retrieving revision 1.12.2.9 diff -u -p -r1.12.2.8 -r1.12.2.9 --- contrib/Debian/changelog 8 Jun 2007 09:05:24 -0000 1.12.2.8 +++ contrib/Debian/changelog 31 Jul 2007 19:08:01 -0000 1.12.2.9 @@ -1,3 +1,9 @@ +ngircd (0.10.3-0ab1) unstable; urgency=high + + * New "upstream" release: 0.10.3 - fixing a security bug. + + -- Alexander Barton Tue, 31 Jul 2007 21:02:52 +0200 + ngircd (0.10.2-0ab1) unstable; urgency=low * New "upstream" release: 0.10.2 Index: src/ngircd/irc-channel.c =================================================================== RCS file: /srv/cvs/ngircd/ngircd/src/ngircd/irc-channel.c,v retrieving revision 1.35.2.3 retrieving revision 1.35.2.4 diff -u -p -r1.35.2.3 -r1.35.2.4 --- src/ngircd/irc-channel.c 3 Apr 2007 20:23:31 -0000 1.35.2.3 +++ src/ngircd/irc-channel.c 31 Jul 2007 18:54:30 -0000 1.35.2.4 @@ -14,7 +14,7 @@ #include "portab.h" -static char UNUSED id[] = "$Id: irc-channel.c,v 1.35.2.3 2007/04/03 20:23:31 fw Exp $"; +static char UNUSED id[] = "$Id: irc-channel.c,v 1.35.2.4 2007/07/31 18:54:30 alex Exp $"; #include "imp.h" #include @@ -52,7 +52,9 @@ IRC_JOIN( CLIENT *Client, REQUEST *Req ) assert( Req != NULL ); /* Bad number of arguments? */ - if(( Req->argc > 2 )) return IRC_WriteStrClient( Client, ERR_NEEDMOREPARAMS_MSG, Client_ID( Client ), Req->command ); + if (Req->argc < 1 || Req->argc > 2) + return IRC_WriteStrClient(Client, ERR_NEEDMOREPARAMS_MSG, + Client_ID(Client), Req->command); /* Who is the sender? */ if( Client_Type( Client ) == CLIENT_SERVER ) target = Client_Search( Req->prefix );