Debian Security Advisory
DSA-4252-1 znc -- security update
- Date Reported:
- 18 Jul 2018
- Affected Packages:
- Security database references:
- In Mitre's CVE dictionary: CVE-2018-14055, CVE-2018-14056.
- More information:
Jeriko One discovered two vulnerabilities in the ZNC IRC bouncer which could result in privilege escalation or denial of service.
For the stable distribution (stretch), these problems have been fixed in version 1.6.5-1+deb9u1.
We recommend that you upgrade your znc packages.
For the detailed security status of znc please refer to its security tracker page at: https://security-tracker.debian.org/tracker/znc