[Backports-security-announce] Security update for znc
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Patrick Matthäi uploaded new packages for znc which fixed the
following security problems:
TEMP-0537977-000291, Debian BTS #537977
It was discovered that znc, an IRC proxy, did not properly process
certain DCC requests, allowing attackers to upload arbitrary files.
For the etch-backports distribution the problem has been fixed in
version 0.074-1~bpo40+1.
For the lenny-backports distribution the problem has been fixed in
version 0.074-1~bpo50+1.
For the lenny and sid distribution the problem has been fixed in
version 0.074-1.
Upgrade instructions
- - --------------------
If you don't use pinning (see [1]) you have to update the packages
manually via "apt-get -t etch-backports install znc" with the
packagelist of your installed packages affected by this update.
[1] <http://backports.org/dokuwiki/doku.php?id=instructions>
We recommend to pin the backports repository to 200 so that new versions
of installed backports will be installed automatically:
Etch:
Package: *
Pin: release a=etch-backports
Pin-Priority: 200
Lenny:
Package: *
Pin: release a=lenny-backports
Pin-Priority: 200
- --
/*
Mit freundlichem Gruß / With kind regards,
Patrick Matthäi
GNU/Linux Debian Developer
E-Mail: pmatthaei@debian.org
patrick@linux-dev.org
Comment:
Always if we think we are right,
we were maybe wrong.
*/
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)
iEYEARECAAYFAkp4fEgACgkQ2XA5inpabMf97gCfXIGynSgk7pKuf3fhWSMLH1GL
bw4AoIHq6oJ81PngH40SHichVOcQuxT6
=nT4k
-----END PGP SIGNATURE-----
Reply to: