Patch to upgrade ngIRCd 0.11.0-pre1 to version 0.11.0-pre2. ChangeLog | 8 ++++++-- configure.in | 6 +++--- contrib/Debian/changelog | 12 ++++++++++++ contrib/ngircd.spec | 2 +- doc/FAQ.txt | 11 +---------- src/ngircd/irc-channel.c | 22 ++++++++-------------- 6 files changed, 31 insertions(+), 30 deletions(-) Index: ChangeLog =================================================================== RCS file: /srv/cvs/ngircd/ngircd/ChangeLog,v retrieving revision 1.332.2.1 retrieving revision 1.332.2.4 diff -u -p -r1.332.2.1 -r1.332.2.4 --- ChangeLog 2 Jan 2008 21:21:55 -0000 1.332.2.1 +++ ChangeLog 7 Jan 2008 21:25:35 -0000 1.332.2.4 @@ -10,8 +10,12 @@ -- ChangeLog -- -ngIRCd 0.11.0-pre1 (2009-01-02) +ngIRCd 0.11.0-pre2 (2008-01-07) + - SECURITY: IRC_PART could reference invalid memory, causing + ngircd to crash [from HEAD]. + + ngIRCd 0.11.0-pre1 (2008-01-02) - Use dotted-decimal IP address if hostname is >= 64. - Add support for /STAT u (server uptime) command. - New [Server] configuration Option "Bind" allows to specify @@ -724,4 +728,4 @@ ngIRCd 0.0.1, 31.12.2001 -- -$Id: ChangeLog,v 1.332.2.1 2008/01/02 21:21:55 alex Exp $ +$Id: ChangeLog,v 1.332.2.4 2008/01/07 21:25:35 alex Exp $ Index: configure.in =================================================================== RCS file: /srv/cvs/ngircd/ngircd/configure.in,v retrieving revision 1.125.2.1 retrieving revision 1.125.2.2 diff -u -p -r1.125.2.1 -r1.125.2.2 --- configure.in 2 Jan 2008 21:21:55 -0000 1.125.2.1 +++ configure.in 7 Jan 2008 21:25:36 -0000 1.125.2.2 @@ -1,6 +1,6 @@ # # ngIRCd -- The Next Generation IRC Daemon -# Copyright (c)2001-2005 Alexander Barton +# Copyright (c)2001-2008 Alexander Barton # # This program is free software; you can redistribute it and/or modify # it under the terms of the GNU General Public License as published by @@ -8,13 +8,13 @@ # (at your option) any later version. # Please read the file COPYING, README and AUTHORS for more information. # -# $Id: configure.in,v 1.125.2.1 2008/01/02 21:21:55 alex Exp $ +# $Id: configure.in,v 1.125.2.2 2008/01/07 21:25:36 alex Exp $ # # -- Initialisation -- AC_PREREQ(2.50) -AC_INIT(ngircd, 0.11.0-pre1) +AC_INIT(ngircd, 0.11.0-pre2) AC_CONFIG_SRCDIR(src/ngircd/ngircd.c) AC_CANONICAL_TARGET AM_INIT_AUTOMAKE(1.6) Index: contrib/ngircd.spec =================================================================== RCS file: /srv/cvs/ngircd/ngircd/contrib/ngircd.spec,v retrieving revision 1.4.8.1 retrieving revision 1.4.8.2 diff -u -p -r1.4.8.1 -r1.4.8.2 --- contrib/ngircd.spec 2 Jan 2008 21:21:56 -0000 1.4.8.1 +++ contrib/ngircd.spec 7 Jan 2008 21:25:36 -0000 1.4.8.2 @@ -1,5 +1,5 @@ %define name ngircd -%define version 0.11.0-pre1 +%define version 0.11.0-pre2 %define release 1 %define prefix %{_prefix} Index: contrib/Debian/changelog =================================================================== RCS file: /srv/cvs/ngircd/ngircd/contrib/Debian/changelog,v retrieving revision 1.14.2.1 retrieving revision 1.14.2.2 diff -u -p -r1.14.2.1 -r1.14.2.2 --- contrib/Debian/changelog 2 Jan 2008 21:21:57 -0000 1.14.2.1 +++ contrib/Debian/changelog 7 Jan 2008 21:25:37 -0000 1.14.2.2 @@ -1,9 +1,21 @@ +ngircd (0.11.0-0ab0-pre2) unstable; urgency=low + + * Second prerelease of upcoming new "upstream release". + + -- Alexander Barton Mon, 7 Jan 2008 15:32:42 +0100 + ngircd (0.11.0-0ab0-pre1) unstable; urgency=low * Prerelease of upcoming new "upstream release". -- Alexander Barton Wed, 2 Jan 2008 21:33:15 +0100 +ngircd (0.10.4-0ab1) unstable; urgency=high + + * New "upstream" release: 0.10.4 - fixing a security bug. + + -- Alexander Barton Mon, 7 Jan 2008 22:04:44 +0100 + ngircd (0.10.0-0ab1) unstable; urgency=low * New "upstream" release: 0.10.0 Index: doc/FAQ.txt =================================================================== RCS file: /srv/cvs/ngircd/ngircd/doc/FAQ.txt,v retrieving revision 1.11 retrieving revision 1.11.4.1 diff -u -p -r1.11 -r1.11.4.1 --- doc/FAQ.txt 9 Dec 2005 21:14:56 -0000 1.11 +++ doc/FAQ.txt 2 Jan 2008 22:36:48 -0000 1.11.4.1 @@ -62,15 +62,6 @@ A: On Linux/glibc with chroot enabled yo is to either disable chroot support or to link against dietlibc instead of glibc. (tnx to Sebastian Siewior) -Q: I am running Linux and ngircd dies on startup with the follwing errors: - IO subsystem: epoll (hint size 100, initial maxfd 100, masterfd -1). - Cannot initialize IO routines: Function not implemented - Server isn't listening on a single port! - ngircd exiting due to fatal errors! -A: epoll is only supported on 2.6 Linux kernels. Either use a 2.6 kernel, or - re-run configure with the --without-epoll parameter. After configure - completed, you should see select() being listed as IO backend: - '(I/O backend: "select()"'). IV. Bugs!? ~~~~~~~~~~ @@ -85,4 +76,4 @@ A: Please file a bug report at @@ -269,8 +269,9 @@ IRC_PART( CLIENT *Client, REQUEST *Req ) assert( Client != NULL ); assert( Req != NULL ); - /* Falsche Anzahl Parameter? */ - if(( Req->argc > 2 )) return IRC_WriteStrClient( Client, ERR_NEEDMOREPARAMS_MSG, Client_ID( Client ), Req->command ); + if (Req->argc < 1 || Req->argc > 2) + return IRC_WriteStrClient(Client, ERR_NEEDMOREPARAMS_MSG, + Client_ID(Client), Req->command); /* Wer ist der Absender? */ if( Client_Type( Client ) == CLIENT_SERVER ) target = Client_Search( Req->prefix ); @@ -278,18 +279,11 @@ IRC_PART( CLIENT *Client, REQUEST *Req ) if( ! target ) return IRC_WriteStrClient( Client, ERR_NOSUCHNICK_MSG, Client_ID( Client ), Req->prefix ); /* Channel-Namen durchgehen */ - chan = strtok( Req->argv[0], "," ); - while( chan ) - { - if( ! Channel_Part( target, Client, chan, Req->argc > 1 ? Req->argv[1] : Client_ID( target ))) - { - /* naechsten Namen ermitteln */ - chan = strtok( NULL, "," ); - continue; - } + chan = strtok(Req->argv[0], ","); + while (chan) { + Channel_Part(target, Client, chan, Req->argc > 1 ? Req->argv[1] : Client_ID(target)); - /* naechsten Namen ermitteln */ - chan = strtok( NULL, "," ); + chan = strtok(NULL, ","); } return CONNECTED; } /* IRC_PART */