commit 54e6a2dce5ef34a3ccc971af622fef33e6cb8950 from: Alexander Barton date: Wed Nov 12 23:01:07 2008 UTC Re-add CVE identifiers to ChangeLog. I'm lame. My last commit removed all the CVE numbers recently added in commit 598df0758 to the ChangeLog ... shame on me! See all the CVE entries of ngIRCd at: commit - b01a9bd86473c3100be059b9e6f35f97bcbbf6d2 commit + 54e6a2dce5ef34a3ccc971af622fef33e6cb8950 blob - 18cadd747273c5d59ea93c9964dec2afcd30e033 blob + 0d5967d54ccbe18c6c4bcfdf8f0d15c634b342d0 --- ChangeLog +++ ChangeLog @@ -69,7 +69,7 @@ ngIRCd 0.11.0 (2008-01-15) ngIRCd 0.11.0-pre2 (2008-01-07) - SECURITY: IRC_PART could reference invalid memory, causing - ngircd to crash [from HEAD]. + ngircd to crash [from HEAD]. (CVE-2008-0285) ngIRCd 0.11.0-pre1 (2008-01-02) - Use dotted-decimal IP address if hostname is >= 64. @@ -103,12 +103,13 @@ ngIRCd 0.11.0 (2008-01-15) ngIRCd 0.10.4 (2008-01-07) - SECURITY: IRC_PART could reference invalid memory, causing - ngircd to crash [from HEAD]. + ngircd to crash [from HEAD]. (CVE-2008-0285) ngIRCd 0.10.3 (2007-08-01) - SECURITY: Fixed a severe bug in handling JOIN commands, which could cause the server to crash. Thanks to Sebastian Vesper, . + (CVE-2007-6062) ngIRCd 0.10.2 (2007-06-08) @@ -243,13 +244,13 @@ ngIRCd 0.8.3 (2005-02-03) - Fixed a bug that could case a root exploit when the daemon is compiled to do IDENT lookups and is logging to syslog. Bug discovered by CoKi, , thanks a lot! - (http://www.nosystem.com.ar/advisories/advisory-11.txt) + (CVE-2005-0226; http://www.nosystem.com.ar/advisories/advisory-11.txt) ngIRCd 0.8.2 (2005-01-26) - Added doc/SSL.txt to distribution. - Fixed a buffer overflow that could cause the daemon to crash. Bug found - by Florian Westphal, . + by Florian Westphal, . (CVE-2005-0199) - Fixed a possible buffer underrun when reading the MOTD file. Thanks to Florian Westphal, . - Fixed detection of IRC lines which are too long to send. Detected by