Source: inspircd Version: 2.0.5-1+deb7u2 Severity: critical Tags: security inspircd published 2.0.23 that fixes an issue with SASL authentication. The details are here:
http://www.inspircd.org/2016/09/03/v2023-released.html All versions are affected. Upstream hasn't requested a CVE yet. I will contact oss-security to make sure that happens. It seems to also affect Charybdis, which fixed the issue in the upcoming 3.5.3 release: https://github.com/charybdis-ircd/charybdis/commit/818a3fda944b26d4814132cee14cfda4ea4aa824 I will take care of the 3.5.3 upload or backporting those patches to 3.5.2 and 3.4 (if relevant) as soon as I can. -- System Information: Debian Release: 8.5 APT prefers stable-updates APT policy: (500, 'stable-updates'), (500, 'proposed-updates'), (500, 'stable'), (1, 'testing') Architecture: amd64 (x86_64) Kernel: Linux 4.6.0-0.bpo.1-amd64 (SMP w/2 CPU cores) Locale: LANG=fr_CA.UTF-8, LC_CTYPE=fr_CA.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash Init: systemd (via /run/systemd/system)
