Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Date: Sun, 04 Sep 2016 17:45:03 -0400
From: (Antoine Beaupré)
Subject: CVE ID request: certificate spoofing through crafted SASL message in inspircd, charybdis

inspircd published 2.0.23 that fixes an issue with SASL
authentication. The details are here:

All versions are affected.

Upstream hasn't requested a CVE yet. I told them I would request one
from here on IRC.

It seems to also affect Charybdis, which fixed the issue in the
upcoming 3.5.3 release:


All governments are run by liars and nothing they say should be
                       - I. F. Stone

Powered by blists - more mailing lists

Your e-mail address:

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Powered by Openwall GNU/*/Linux - Powered by OpenVZ