To create new wiki account, please join us on #znc at Libera.Chat and ask admins to create a wiki account for you. You can say thanks to spambots for this inconvenience.
ChangeLog/1.9.1: Difference between revisions
Jump to navigation
Jump to search
DarthGandalf (talk | contribs) 1.9.1 |
DarthGandalf (talk | contribs) make it link |
||
| Line 1: | Line 1: | ||
{{ChangeLog}} | {{ChangeLog}} | ||
* This is a security release to fix {{CVE|2024-39844}}: remote code execution vulnerability in modtcl. | * This is a security release to fix {{CVE|2024-39844}}: remote code execution vulnerability in [[modtcl]]. | ||
** To mitigate this for existing installations, simply unload the modtcl module for every user, if it's loaded. Note that only users with admin rights can load modtcl at all. | ** To mitigate this for existing installations, simply unload the modtcl module for every user, if it's loaded. Note that only users with admin rights can load modtcl at all. | ||
** Thanks to Johannes Kuhn (DasBrain) for reporting, to glguy for the patch, and to multiple IRC network operators for help with mitigating this on server side before disclosure. | ** Thanks to Johannes Kuhn (DasBrain) for reporting, to glguy for the patch, and to multiple IRC network operators for help with mitigating this on server side before disclosure. | ||
* Improve tooltips in [[webadmin]]. | * Improve tooltips in [[webadmin]]. | ||
Latest revision as of 16:28, 3 July 2024
| ← 1.9.0 | ZNC 1.9.1 | git → |
 |
This is the latest release. Source tarball is available here. |
- This is a security release to fix CVE-2024-39844: remote code execution vulnerability in modtcl.
- To mitigate this for existing installations, simply unload the modtcl module for every user, if it's loaded. Note that only users with admin rights can load modtcl at all.
- Thanks to Johannes Kuhn (DasBrain) for reporting, to glguy for the patch, and to multiple IRC network operators for help with mitigating this on server side before disclosure.
- Improve tooltips in webadmin.