Changelog for
znc-tcl-1.9.1-1.1.x86_64.rpm :
* Fri Jul 05 2024 Michael Vetter
- Update to 1.9.1 (boo#1227393, CVE-2024-39844)
* This is a security release to fix CVE-2024-39844: remote code execution vulnerability in modtcl. To mitigate this for existing installations, simply unload the modtcl module for every user, if it\'s loaded. Note that only users with admin rights can load modtcl at all.
* Improve tooltips in webadmin.
* Thu May 02 2024 David Mulder - Update to version 1.9.0:
* Fixed crash when receiving SASL lines from server without having negotiated SASL via CAP.
* Fixed build with SWIG 4.2.0.
* Fixed build with LibreSSL.
* Fixed handling of timezones when parsing server-time tags received from server.
* Use module names as the module ident, otherwise some clients were merging conversations with different modules together.
* Stopped sending invalid 333 (`RPL_TOPICWHOTIME`) to client if topic owner is unknown.
* Fixed an ODR violation.
* Better hide password in PASS debug lines, sometimes it was not hidden.
* CAP REQ sent by client without CAP LS now suspends the registration as the spec requires.
* Removed 1841.patch (upstreamed).
* Modified harden_znc.service.patch to apply to latest release.
* Tue Feb 06 2024 Dominique Leuenberger - Provide user/group, as required by RPM 4.19 (boo#1219531).
* Fri Nov 18 2022 Dominique Leuenberger - Add 1841.patch: support SWIG 4.1.0 (boo#1205425).
* Tue Jan 11 2022 Johannes Segitz - Added hardening to systemd service(s) (bsc#1181400). Added patch(es):
* harden_znc.service.patch
* Tue Sep 08 2020 Maximilian Trummer - Update to 1.8.2:
* Polish translation
* List names of translators in TRANSLATORS.md file in source, as this contribution isn\'t directly reflected in git log
* During --makeconf warn about listening on port 6697 too, not only about 6667 (#1734)
* webadmin: When confirming deletion of a network and selecting No, redirect to the edituser page instead of listusers page (#1751)
* Make more client command results translateable, which were missed before
* Sat Aug 15 2020 Dirk Mueller - update to 1.8.1:
* Authenticated users can trigger an application crash (with a NULL pointer dereference) if echo-message is not enabled and there is no network. (bsc#1172446, CVE-2020-1377)
* Mon May 11 2020 Martin Pluskal - Use pristine linker flags- Use systemd orering to allow working in environments without running systemd
* Wed May 06 2020 Paolo Stivanin - Update to 1.8.0:
* Output of various commands (e.g. /znc help) was switched from a table to a list
* Support IP while verifying SSL certificates (#1504)
* Make it more visible that admins have lots of privileges
* Fix null dereference on startup when reading invalid config (#1585)
* Don\'t show server passwords on ZNC startup (#1599)
* Fix build with newer OpenSSL (#1688)
* Fix in-source CMake build
* Fix echo-message for
*status (#1705)
* controlpanel: Add already supported NoTrafficTimeout User variable to help output
* Support python 3.9 (#1702)
* modtcl: Added GetNetworkName (#1658)
* partyline: Module is removed (#1632)
* q: Module is removed (#786)
* route_replies: Handle more numerics (#1421) (#1659) (#1660)
* sasl: Fix sending of long authentication information (#942)
* shell: Unblock signals when spawning child processes (#1590)
* simple_away: Convert to UTC time (#1506)
* watch: Better support multiple clients (#1701)
* webadmin: Better wording for TrustPKI setting (#1670) (#1711) (#1713)
* Refactor the way how SSL certificate is checked to simplify future socket-related refactors (#1697)
* Various improvements for translation CI
* Normalize variable name sUserName/sUsername (#1546)
* Make de-escaping less lenient (#1715)
* Sun Sep 29 2019 Mathias Homann - Update to 1.7.5:
* modpython: Add support for Python 3.8
* modtcl: install .tcl files when building with CMake
* nickserv: report success of Clear commands
* Update translations, add Italian, Bulgarian, fix name of Dutch
* Update error messages to be clearer
* Add a deprecation warning to ./configure to use CMake instead in addition to an already existing warning in README