Security Information / 2018 / Security Information -- DSA-4252-1 znc

Debian Security Advisory

DSA-4252-1 znc -- security update

Date Reported:

18 Jul 2018

Affected Packages:

znc

Vulnerable:

Yes

Security database references:

In Mitre's CVE dictionary: CVE-2018-14055, CVE-2018-14056.

More information:

Jeriko One discovered two vulnerabilities in the ZNC IRC bouncer which could result in privilege escalation or denial of service.

For the stable distribution (stretch), these problems have been fixed in version 1.6.5-1+deb9u1.

We recommend that you upgrade your znc packages.

For the detailed security status of znc please refer to its security tracker page at: https://security-tracker.debian.org/tracker/znc