Hi, One of upstream author of inspircd has reported [1] that the fix we provide in the Debian package for CVE-2012-1836 is incomplete. I've refreshed the patch 03_CVE-2012-1836.diff to integrate changes for src/dns.cpp between 2.0.5 and 2.0.7 as suggested by upstream. I've uploaded the version 2.0.5-1+deb7u1 on mentors [2] based on the Debian developers reference guide [3]. [1]: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=780880 [2]: http://mentors.debian.net/debian/pool/main/i/inspircd/inspircd_2.0.5-1 +deb7u1.dsc [3]: https://www.debian.org/doc/manuals/developers-reference/pkgs.en.html#bug-security -- Guillaume Delacour <gui@iroqwa.org>
Attachment:
signature.asc
Description: This is a digitally signed message part