"Summary The websocket module before v3.8.1 contains a double free vulnerability. When combined with a HTTP reverse proxy this vulnerability can be used by any user who is [GKZ]-lined to remotely crash an InspIRCd server. Thanks to @benharri for reporting this issue. Affected Versions This vulnerability is present in the following releases: All versions of v3 before v3.8.1 Recommended Action This vulnerability is fixed in version 3.8.1. It is strongly recommended that all affected users upgrade. If upgrading is not possible then the websocket module should be unloaded or reconfigured to allow users to connect directly instead of through a HTTP reverse proxy."
So, for this bug, we need to bump to 3.8.1. bug 755851 needed a stabilisation bu we may as well just stable 3.8.1 for that now. bug 743205 is old and just needs a possible GLSA.
I'll see about submitting a PR for 3.8.1 by the end of this weekend at the latest.
PR submitted: https://github.com/gentoo/gentoo/pull/18347
The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=02a985abeacea6af0dd01efe967ae40e96ec79a3 commit 02a985abeacea6af0dd01efe967ae40e96ec79a3 Author: Wade Cline <wadecline@hotmail.com> AuthorDate: 2020-11-21 08:42:33 +0000 Commit: Sam James <sam@gentoo.org> CommitDate: 2020-11-22 03:35:56 +0000 net-irc/inspircd: Drop 3.8.0 Signed-off-by: Wade Cline <wadecline@hotmail.com> Bug: https://bugs.gentoo.org/755854 Closes: https://github.com/gentoo/gentoo/pull/18347 Signed-off-by: Sam James <sam@gentoo.org> net-irc/inspircd/Manifest | 1 - net-irc/inspircd/inspircd-3.8.0.ebuild | 121 --------------------------------- 2 files changed, 122 deletions(-) https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=d54d3c8b2f510d7977c0059f594c3ca5e8cf6d27 commit d54d3c8b2f510d7977c0059f594c3ca5e8cf6d27 Author: Wade Cline <wadecline@hotmail.com> AuthorDate: 2020-11-21 08:37:40 +0000 Commit: Sam James <sam@gentoo.org> CommitDate: 2020-11-22 03:35:55 +0000 net-irc/inspircd: Add 3.8.1 Signed-off-by: Wade Cline <wadecline@hotmail.com> Bug: https://bugs.gentoo.org/755854 Signed-off-by: Sam James <sam@gentoo.org> net-irc/inspircd/Manifest | 1 + net-irc/inspircd/inspircd-3.8.1.ebuild | 121 +++++++++++++++++++++++++++++++++ 2 files changed, 122 insertions(+)
Please let us know when ready to stable.
I'm likely going to be busy with holidays the rest of this week, but feel free to start stabilization; let me know what you need and I'll work on it when able.
x86 stable
amd64 stable. Maintainer(s), please cleanup. Security, please vote.
(In reply to Wade Cline from comment #6) > I'm likely going to be busy with holidays the rest of this week, but feel > free to start stabilization; let me know what you need and I'll work on it > when able. Please drop the vulnerable versions (<3.8.1). Thanks!
*** Bug 762673 has been marked as a duplicate of this bug. ***
The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=83567ff2355ef80076990e51cc58fcef2cdf1138 commit 83567ff2355ef80076990e51cc58fcef2cdf1138 Author: John Helmert III <jchelmert3@posteo.net> AuthorDate: 2020-12-30 21:25:02 +0000 Commit: Sam James <sam@gentoo.org> CommitDate: 2020-12-31 01:13:41 +0000 net-irc/inspircd: security cleanup (drop <3.8.1) Bug: https://bugs.gentoo.org/743205 Bug: https://bugs.gentoo.org/755851 Bug: https://bugs.gentoo.org/755854 Package-Manager: Portage-3.0.12, Repoman-3.0.2 Signed-off-by: John Helmert III <jchelmert3@posteo.net> Closes: https://github.com/gentoo/gentoo/pull/18885 Signed-off-by: Sam James <sam@gentoo.org> net-irc/inspircd/Manifest | 2 - .../files/inspircd-2.0.27-fix-path-builds.patch | 257 ------------------- .../files/inspircd-3.4.0-fix-path-builds.patch | 271 --------------------- net-irc/inspircd/inspircd-2.0.29.ebuild | 115 --------- net-irc/inspircd/inspircd-3.4.0-r1.ebuild | 121 --------- 5 files changed, 766 deletions(-)
>amd64 stable. > >Maintainer(s), please cleanup. >Security, please vote. Hmm, I must have skimmed past the later lines when checking my e-mail and missed this. Sorry about that.