FEDORA-2022-0bff4ccd3b
Packages in this update:
unrealircd-6.0.2-1.fc36
Update description:
UnrealIRCd 6.0.2
UnrealIRCd 6.0.2 comes with several nice feature enhancements along with some fixes. It also includes a fix for a crash bug that can be triggered by ordinary users.
Fixes
Fix crash that can be triggered by regular users if you have any deny dcc blocks in the config or any spamfilters with the d (DCC) target.
Fix infinite hang on “Loading IRCd configuration” if DNS is not working. For example if the 1st DNS server in /etc/resolv.conf is down or refusing requests.
Some MODE server-to-server commands were missing a timestamp at the end, even though this is mandatory for modes coming from a server.
The channeldb module now converts letter extbans to named extbans (e.g. ~a to ~account). Previously it did not, which caused letter extbans to appear in the banlist. Later on, when linking servers, this would cause duplicate entries to appear as well, with both the old and new format. The extbans were still effective though, so this is mostly a visual +b/+e/+I list issue.
Some Extended Server Bans were not working correctly for WEBIRC proxies. In particular, a server ban or exempt (ELINE) on ~country:XX was only checked against the WEBIRC proxy.
Enhancements
Support for logging to a channel. Similar to snomasks but then for channels.
Command line interface changes:
The CLI tool now communicates to the running UnrealIRCd process via a UNIX socket to send commands and retrieve output.
The command unrealircdctl rehash will now show the rehash output, including warnings and errors, and return a proper exit code.
The same for unrealircdctl reloadtls
The command unrealircdctl status to show if UnrealIRCd is running, the version, channel and user count, ..
The command unrealircdctl genlinkblock is now documented and is referred to from the Linking servers tutorial.
New option set::server-notice-show-event which can be set to no to hide the event information (e.g. connect.LOCAL_CLIENT_CONNECT) in server notices. This can be overridden per-oper in the Oper block via oper::server-notice-show-event.
Support for IRC over UNIX sockets (on the same machine), if you specify a file in the listen block instead of an ip/port. This probably won’t be used much, but the option is there. Users will show up with a host of localhost and IP 127.0.0.1 to keep things simple.
The MAP command now shows percentages of users
Add WHO option to search clients by time connected (e.g. WHO <300 t to search for less than 300 seconds)
Rate limiting of MODE nick -x and -t via new vhost-flood option in set::anti-flood block.
Changes
Update Russian help.ru.conf.
Protocol
SVSMODE #chan -b nick will now correctly remove extbans that prevent nick from joining. This fixes a bug where it would remove too much (for ~time) or not remove extbans (most other extbans, e.g. ~account). SVSMODE #chan -b has also been fixed accordingly (remove all bans preventing joins). Note that all these commands do not remove bans that do not affect joins, such as ~quiet or ~text.
More Stories
iwd-3.3-1.fc40 libell-0.71-1.fc40
FEDORA-2024-0fa283c43a Packages in this update: iwd-3.3-1.fc40 libell-0.71-1.fc40 Update description: iwd 3.3: Fix issue with handling External Authentication. iwd 3.2: Fix...
iwd-3.3-1.fc41 libell-0.71-1.fc41
FEDORA-2024-256818da09 Packages in this update: iwd-3.3-1.fc41 libell-0.71-1.fc41 Update description: iwd 3.3: Fix issue with handling External Authentication. iwd 3.2: Fix...
A Vulnerability in Apache Struts2 Could Allow for Remote Code Execution
A vulnerability has been discovered in Apache Struts2, which could allow for remote code execution. Apache Struts2 is an open-source...
CyberDanube Security Research 20241219-0 | Authenticated Remote Code Execution in Ewon Flexy 205
Posted by Thomas Weber | CyberDanube via Fulldisclosure on Dec 21 CyberDanube Security Research 20241219-0 ------------------------------------------------------------------------------- title| Authenticated Remote Code...
USN-7179-1: Linux kernel vulnerabilities
Andy Nguyen discovered that the Bluetooth L2CAP implementation in the Linux kernel contained a type-confusion error. A physically proximate remote...
USN-7173-2: Linux kernel vulnerabilities
Ziming Zhang discovered that the DRM driver for VMware Virtual GPU did not properly handle certain error conditions, leading to...