Package Release Info

znc-1.7.1-2.1

Update Info: openSUSE-2019-571
Available in Package Hub : 12 SP2-SP5

platforms

AArch64
ppc64le
s390x
x86-64

subpackages

znc
znc-devel
znc-lang
znc-perl
znc-python3
znc-tcl

Change Logs

* Wed Jul 18 2018 mpluskal@suse.com
- Update to version 1.7.1:
  * Security critical fixes[edit]
    + CVE-2018-14055: non-admin user could gain admin privileges and shell access by injecting values into znc.conf.
    + CVE-2018-14056: path traversal in HTTP handler via ../ in a web skin name.
  * Core
    + Fix znc-buildmod to not hardcode the compiler used to build ZNC anymore in CMake build (#1536)
    + Fix language selector. Russian and German were both not selectable.
    + Fix build without SSL support (#1554)
    + Fix several broken strings
    + Stop spamming users about debug mode. This feature was added in 1.7.0, now reverted. (#1541)
  * New
    + Add partial Spanish, Indonesian, and Dutch translations
  * Modules
    + adminlog: Log the error message again (regression of 1.7.0) (#1557)
    + admindebug: New module, which allows admins to turn on/off --debug in runtime (#1556)
    + flooddetach: Fix description of commands (#1548)
    + modperl: Fix memory leak in NV handling
    + modperl: Fix functions which return VCString (#1543)
    + modpython: Fix functions which return VCString (#1543)
    + webadmin: Fix fancy CTCP replies editor for Firefox. It was showing the plain version even when JS is enabled
  * Internal
    + Deprecate one of the overloads of CMessage::GetParams(), rename it to CMessage::GetParamsColon()
    + Don't throw from destructor in the integration test
    + Fix a warning with integration test / gmake / znc-buildmod interaction.
- Drop upstream patches:
  * znc-inject2.patch
  * znc-inject.patch
  * znc-traversal.patch
* Mon Jul 16 2018 mpluskal@suse.com
- Fix boo#1101280 CVE-2018-14056
  * znc-traversal.patch
- Fix boo#1101281 CVE-2018-14055
  * znc-inject.patch
  * znc-inject2.patch
- Fix building on Leap-42* by using less strict linker flags
* Mon Jun 04 2018 tchvatal@suse.com
- Define systemd unitdir for cmake
* Fri Jun 01 2018 mpluskal@suse.com
- Update to version 1.7.0:
  * Add CMake build. Minimum supported CMake version is 3.1. For now ZNC can be built with either CMake or autoconf. In future autoconf is going to be removed.
  * Currently znc-buildmod requires python if CMake was used; if that's a concern for you, please open a bug.
  * Increase minimum GCC version from 4.7 to 4.8. Minimum Clang version stays at 3.2.
  * Make ZNC UI translateable to different languages (only with CMake), add partial Russian and German translations. (#1237) (#1354) (#1462)
  * If you want to translate ZNC to your language, please join https://crowdin.com/project/znc-bouncer
  * Configs written before ZNC 0.206 can't be read anymore (#929)
  * Implement IRCv3.2 capabilities away-notify, account-notify, extended-join (#315) (#316)
  * Implement IRCv3.2 capabilities echo-message, cap-notify on the "client side" (#950)
  * Update capability names as they are named in IRCv3.2: znc.in/server-time-iso→server-time, znc.in/batch→batch. Old names will continue working for a while, then will be removed in some future version.
  * Make ZNC request server-time from server when available (#839)
  * Increase accepted line length from 1024 to 2048 to give some space to message tags
  * Separate buffer size settings for channels and queries (#967)
  * Support separate SSLKeyFile and SSLDHParamFile configuration in addition to existing SSLCertFile (#1192)
  * Add "AuthOnlyViaModule" global/user setting (#331)
  * Added pyeval module
  * Added stripcontrols module (#387)
  * Add new substitutions to ExpandString: %empty% and %network%. (#1049) (#1139)
  * Stop defaulting real name to "Got ZNC?" (#818)
  * Make the user aware that debug mode is enabled. (#1446)
  * Added ClearAllBuffers command (#852)
  * Don't require CSRF token for POSTs if the request uses HTTP Basic auth. (#946)
  * Set HttpOnly and SameSite=strict for session cookies (#1077) (#1450)
  * Add SNI SSL client support (#1200)
  * Add support for CIDR notation in allowed hosts list and in trusted proxy list (#207) (#1219)
  * Add network-specific config for cert validation in addition to user-supplied fingerprints: TrustAllCerts, defaults to false, and TrustPKI, defaults to true. (#866)
  * Add /attach command for symmetry with /detach. Unlike /join it allows wildcards.
  * Timestamp format now supports sub-second precision with %f. Used in awaystore, listsockets, log modules and buffer playback when client doesn't support server-time (#1455)
  * Build on macOS using ICU, Python, and OpenSSL from Homebrew, if available (#894)
  * Remove --with-openssl=/path option from ./configure. SSL is still supported and is still configurable
- Update dependencies
- Run spec-cleaner
- Use cmake for building
* Wed Mar 07 2018 mpluskal@suse.com
- Update to version 1.6.6:
  * Fix use-after-free in znc --makepem. It was broken for a long
    time, but started segfaulting only now. This is a useability
    fix, not a security fix, because self-signed (or signed by a
    CA) certificates can be created without using --makepem, and
    then combined into znc.pem.
* Thu Nov 09 2017 jzelazkova@suse.com
- Cleanup of spec file with spec-cleaner
Version: 1.6.5-20.1
* Wed May 10 2017 mpluskal@suse.com
- Update project url
* Wed Mar 15 2017 mpluskal@suse.com
- Update to version 1.6.5:
  * Fixed a regression of 1.6.4 which caused a crash in modperl/modpython. (#1283)
  * Fixed the behavior of verbose command in the sasl module. (#1291)
* Fri Feb 03 2017 mpluskal@suse.com
- Drop extra hardening flags
* Fri Feb 03 2017 jengelh@inai.de
- Slightly trim descriptions.
Version: 1.6.4-17.1
* Wed Dec 14 2016 mpluskal@suse.com
- Update to version 1.6.4 (boo#1017182):
  * Fixed build with OpenSSL 1.1. (#1310)
  * Fixed build on Cygwin.
  * Fixed a segfault after cloning a user. The bug was introduced in ZNC 1.6.0. (#1340)
  * Fixed a segfault when deleting a user or network which is waiting for DNS during connection. The bug was introduced in ZNC 1.0. (#1342)
  * Fixed a segfault which could be triggered using alias module. (#1347)
  * Fixed an error in controlpanel module when setting the bindhost of another user.
  * Fixed route_replies to not cause client to disconnect by timeout. (#1299)
  * Fixed compatibility with the Gitter IRC bridge. (#1321)
  * Fixed OnInvite for modpython and modperl. (#1283)
  * Fixed external location of GoogleTest for make test.
Version: 1.6.3-14.1
* Tue Mar 29 2016 mpluskal@suse.com
- Update changelog with missed issue boo#973088 (update to 1.6.3)
* Wed Feb 24 2016 mpluskal@suse.com
- Update to 1.6.3
  * New character encoding is now applied immediately, without
    reconnect.
  * Fixed build with LibreSSL. (#594)
  * Fixed error 404 when accessing the web UI with the configured
    URI prefix, but without the / in the end.
  * znc-buildmod now exits with non-zero exit code when the .cpp
    file is not found. (#1226)
  * Fixed znc-buildmod on Cygwin.
  * ExpandString got expanded.
  * Default quit message is switche
- Small spec file cleanup
Version: 1.6.2-4.1
* Tue Nov 17 2015 mpluskal@suse.com
- Update to 1.6.2
  * fixes
  + Fixed a use-after-delete in webadmin. It was already
  partially fixed in ZNC 1.4; since 1.4 it has been still
  possible to trigger, but much harder.
  + Fixed a startup failure when awaynick and simple_away were
  both loaded, and simple_away had arguments.
  + Fixed a build failure when using an ancient OpenSSL version.
  + Fixed a build failure when using OpenSSL which was built
  without SSLv3 support.
  + Bindhost was sometimes used as ident.
  + CAP :END wasn't parsed correctly, causing timeout during
  login for some clients.
  + Fixed channel keys if client joined several channels in
  single command.
  + Fixed memory leak when reading an invalid config.
  * autovoice
  + Check for autovoices when we are opped.
  * controlpanel
  + Fixed DelCTCPReply case-insensitivity.
  * dcc
  + Add missing return statement. It was harmless.
  * modpython
  + Fixed a memory leak.
  * modules_online
  + Wrong ident was used before.
  * stickychan
  + Fixed to unstick inaccessible channels to avoid infinite
  join loops.
  * internal changes
  + Fixed the nick passed to CModule::OnChanMsg() so it has
  channel permissions set.
  + Fixed noisy -Winconsistent-missing-override compilation
  warnings.
  + Initialized some fields in constructors of modules before
  OnLoad().
- Make building more verbose
- Partially fixes bsc#956254 - CVE-2014-9043
Version: 1.6.1-25.1
* Wed Aug 05 2015 mimi.vx@gmail.com
- Update to 1.6.1:
  * Fixed the problem that channels were no longer removed from the config despite
  of chansaver being loaded.
  * Fixed query buffer size for users who have the default channel buffer size set to 0.
  * Fixed a startup failure when simple_away was loaded after awaynick.
  * Fixed channel matching commands, such as DETACH, to be case insensitive.
  * Specified the required compiler versions in the configure script.
  * Fixed a rare conflict of HTTP-Basic auth and cookies.
  * Hid local IP address from the 404 page.
  * Fixed a build failure for users who have -Werror=missing-declarations in their CXXFLAGS.
  * Fixed CXXFLAGS=-DVERSION_EXTRA="foo" which is used by some distros to package ZNC.
  * Fixed znc-buildmod on Cygwin.
  * Fixed CThreadPool destructor to handle spurious wakeups.
  * Fixed make distclean to remove zncconfig.h.
  * Improved the error message about --datadir.
  * Fixed a compilation warning when HAVE_LIBSSL is not defined.
  * Fixed 'comparision' typos in CString documentation.
  * Added a non-minified version of the jQuery source code to make Linux distributions
  (Debian) happy, even though the jQuery license does not require this.
  * chansaver:
  * Fixed random loading behavior due to an uninitialized member variable.
  * modpython:
  * Fixed access to CUser::GetUserClients() and CUser::GetAllClients().
  * sasl:
  * Improved help texts for the SET and REQUIREAUTH commands. (#875)
  * savebuff:
  * Fixed periodical writes on the disk when the module is loaded after startup. (#868)
  * webadmin:
  * Fixed module checkboxes not to claim that all networks/users have loaded
    a module when there are no networks/users. (#872)
  * Added an explanation that ZNC was built without ICU support, when encoding
    settings are disabled for that reason.
  * Improved the breadcrumbs.
  * Mentioned ExpandString in CTCP replies.
  * Added an explanation how to delete port which is used to access webadmin.
Version: 1.6.0-18.1
* Sun Feb 15 2015 mpluskal@suse.com
- Update to 1.6.0:
  * Switch versioning scheme to <major>.<minor>.<patch>.  Add settings
  * for which SSL/TLS protocols to use (SSLProtocols),
  which ciphers to enable (SSLCiphers). By default TLSv1+ are enabled,
  SSLv2/3 are disabled. Default ciphers are what Mozilla advices:
  https://wiki.mozilla.org/Security/Server_Side_TLS#Intermediate_compatibility_.28default.29
  * Validate SSL certificates.  Allow clients to specify an ID as part of
  * username
  (user[@identifier][/network]). Currently not used, but modules can
  use it.
  * Add alias module for ZNC-side command interception and processing.
  * Support character encodings with separate settings for networks,
  and for clients. It replaces older charset module, which didn't work
  well with webadmin, log and other modules.
  * Support X-Forwarded-For HTTP header, used with new TrustedProxy
  * setting.  Add URIPrefix option for HTTP listeners, used with reverse
  * proxy.  Store query buffers per query the same way it's done for
  * channels,
  add new option AutoClearQueryBuffer.
  * Add DisableChan command to *status, it was available only in
  webadmin before.
  * Allow wildcards in arguments of Help commands of *status and
  various modules.
  * Support IRCv3.2 batches, used for buffer playbacks.  Support IRCv3.2
  * self-message.  Remove awaynick module. It's considered bad etiquette.
  * Add JoinDelay setting, which allows a delay between
  connection to server, and joining first channel. By default it joins
  immediately after connect.
  * Make Detach, EnableChan and DisableChan commands of *status
  accept multiple channels.
  * znc-buildmod: Build output to the current working directory.  Wrap
  * long lines in tables (e.g. in Help or
  ListAvailMods commands).
  * Support ECDHE if available in OpenSSL.  Report ZNC version more
  * consistently, add HideVersion
  setting, which hides ZNC version from public.
  * Bump compiler requirements to support C++11. This means
  GCC 4.7+, Clang 3.2+, SWIG 3.0.0+.
- Drop support for old distributions since they lack support for
  C++11
- Drop package extra, all modules are now in znc
- Disable colloquy plugin since it fails to build
- Drop init script
* Mon Feb 09 2015 mpluskal@suse.com
- Rename znc-python to znc-python3
- Add signature and znc.keyring
- Reorder source names
- Correct (pre) dependencies for older releases of openSUSE
* Tue Sep 30 2014 mpluskal@suse.com
- Use proper licence
- Some tiny spec file cleanups
* Mon Sep 29 2014 mpluskal@suse.com
- Tighter dependency for perl
- Cleanup specfile
* Mon Sep 29 2014 mpluskal@suse.com
- Update to new version (1.4)
- Split to more packages
- Enable perl, python and tcl modules
- Remove obsolete modules
- Spec file cleanup
* Sat Jan 05 2013 joey.yuzheng@gmail.com
- add cap_sasl to support sasl which is needed for cloak usage.
  http://wiki.znc.in/Cap_sasl
* Mon Sep 17 2012 suse@ammler.ch
- update to 0.206 (bugfix release)
  - Identfile: don't crash when ZNC is shutting down.
  - CTCPReplies setting with empty value now blocks those CTCP
    requests to the client.
  - Show more sane error messages instead of "Error: Success".
  - Imapauth: Follow RFC more closely.
  - "No" is a false value too.
* Wed Jan 25 2012 suse@ammler.ch
- update to 0.204 (CVE-2012-0033)
  * Fix a crash in bouncedcc module with DCC RESUME.
  * Fix modperl compilation.
  * Don't use mkdir during install.
  * Check for the swig2.0 binary too, instead of only swig.
* Sun Sep 25 2011 suse@ammler.ch
- update to 0.202 (bugfix release)
  * Fix a crash when a user changes the buffer size of a channel.
* Wed Sep 14 2011 suse@ammler.ch
- update to 0.200
  - Move ident spoofing from ZNC core into new identfile module.
  - Move dcc handling from ZNC core into new modules bouncedcc and dcc.
  - Remove the obsolete fixfreenode module.
  - New module: cert
  - Move away into ZNC-Extra.
- remove remote services, just use it local
* Thu Mar 31 2011 ammler@openttdcoop.org
- update to 0.098
  - new module: modpython (not enabled in this package)
  - webinterface for modules perform and listsockets
  - admin can disconnect/reconnect other users
  - user modules:
  - colloquy (Push private messages and highlights to
    your iPhone/iPod Touch via Colloquy Mobile.)
  - update twitter (ssl and new api support)
* Mon Nov 08 2010 ammler@openttdcoop.org
- update to 0.096
  - new modules: clearbufferonmsg, certauth
  - new global setting: MaxBufferSize
  - new config option: SSLCertFile
  - module route_replies now also supports routing channel ban
    lists, ban exemptions and invite exceptions
  - big perl overhaul (not part of this package)
* Tue Jul 06 2010 anschneider@exsuse.de
- updated twitter module
* Mon Jul 05 2010 ammler@openttdcoop.org
- update to 0.092
  - Webmods - Every module can now provide its own webpages.
  - Webmods and thus webadmin now use cookies for managing
    sessions instead of HTTP authentication.
  - ZNC can now listen on IPv4-only, IPv6-only or on both-IP
    sockets. Renamed "Listen" config option to "Listener".
  - Added AddPort, DelPort, ListPorts command to *status.
  - Added a traffic info page to webadmin.
* Fri Feb 19 2010 ammler@openttdcoop.org
- update to 0.080
  New Webadmin default skin with UTF-8 support
* Tue Dec 29 2009 anschneider@exsuse.de
- added twitter module
* Mon Dec 28 2009 anschneider@exsuse.de
- update to 0.078
  Fixed a possible crash if a client disconnected before an auth
  module was able to verify the login.
* Fri Jul 24 2009 mrueckert@suse.de
- update to 0.074
  ALL ZNC versions prior to 0.072 have a path traversal bug in
  core. Users with a valid login are able to write files to all
  places to which ZNC has write access. This means they could
  upload and load new modules which do anything imaginable.
* Wed Feb 25 2009 mrueckert@suse.de
- added znc-0.066_sles9_configure.patch:
  fix build on sles9
* Tue Feb 24 2009 mrueckert@suse.de
- update to 0.066
  ALL ZNC versions have a privilege escalation bug in webadmin.
  Users with a valid login are able to write arbitrary lines to
  your znc.conf which means they can make themselves admin, load
  the shell module or temporarily overwrite any files znc has
  access to (e.g. ~/.ssh/authorized_keys) via ISpoof. This bug can
  only be abused when ZNC is restarted or rehashed, so check your
  config before you do so!
  This bug is fixed in znc 0.066. Update as soon as possible!
  for all the details see http://en.znc.in/wiki/ChangeLog/0.066
- fix rpmlint warnings
- split out devel package