From 598df07584d4a8ed69d39dde140a6e77c2d74fc4 Mon Sep 17 00:00:00 2001 From: Alexander Barton Date: Sun, 10 Aug 2008 14:26:51 +0200 Subject: [PATCH] Added CVE identifiers to ChangeLog. see http://cve.mitre.org/cgi-bin/cvekey.cgi?keyword=ngircd --- ChangeLog | 9 +++++---- 1 file changed, 5 insertions(+), 4 deletions(-) diff --git a/ChangeLog b/ChangeLog index 74eed80e..ea10e6db 100644 --- a/ChangeLog +++ b/ChangeLog @@ -59,7 +59,7 @@ ngIRCd 0.11.0 (2008-01-15) ngIRCd 0.11.0-pre2 (2008-01-07) - SECURITY: IRC_PART could reference invalid memory, causing - ngircd to crash [from HEAD]. + ngircd to crash [from HEAD]. (CVE-2008-0285) ngIRCd 0.11.0-pre1 (2008-01-02) - Use dotted-decimal IP address if hostname is >= 64. @@ -93,12 +93,13 @@ ngIRCd 0.11.0 (2008-01-15) ngIRCd 0.10.4 (2008-01-07) - SECURITY: IRC_PART could reference invalid memory, causing - ngircd to crash [from HEAD]. + ngircd to crash [from HEAD]. (CVE-2008-0285) ngIRCd 0.10.3 (2007-08-01) - SECURITY: Fixed a severe bug in handling JOIN commands, which could cause the server to crash. Thanks to Sebastian Vesper, . + (CVE-2007-6062) ngIRCd 0.10.2 (2007-06-08) @@ -233,13 +234,13 @@ ngIRCd 0.8.3 (2005-02-03) - Fixed a bug that could case a root exploit when the daemon is compiled to do IDENT lookups and is logging to syslog. Bug discovered by CoKi, , thanks a lot! - (http://www.nosystem.com.ar/advisories/advisory-11.txt) + (CVE-2005-0226; http://www.nosystem.com.ar/advisories/advisory-11.txt) ngIRCd 0.8.2 (2005-01-26) - Added doc/SSL.txt to distribution. - Fixed a buffer overflow that could cause the daemon to crash. Bug found - by Florian Westphal, . + by Florian Westphal, . (CVE-2005-0199) - Fixed a possible buffer underrun when reading the MOTD file. Thanks to Florian Westphal, . - Fixed detection of IRC lines which are too long to send. Detected by