No GLSA for this, since there is no stable ebuild. Version 0.5.8 corrects this vuln. -------------------------------------------------- Secunia Advisory: SA19922 Print Advisory Release Date: 2006-05-02 Description: A vulnerability has been reported in CGI:IRC, which can be exploited by malicious users to cause a DoS (Denial of Service) and potentially compromise a vulnerable system. The vulnerability is caused due to an error in client.c within the handling of the received cookie value. This can be exploited to cause a buffer overflow and may allow arbitrary code execution. The vulnerability has been reported in version 0.5.7. Prior versions may also be affected. Solution: Update to version 0.5.8. http://cgiirc.sourceforge.net/download/ Provided and/or discovered by: Reported by the vendor. Original Advisory: http://cvs.cgiirc.org/chngview?cn=263 http://cvs.cgiirc.org/chngview?cn=283
one step ahead of you guys - already in CVS :)
Good ! I was a few hours late :/ I have synced this morning but it wasn't up to date.
