Package: ircd-ircu
Severity: serious
Tags: security

Hi!

Several security issues have been reported against ircu:
CVE-2007-4411 (ircu 2.10.12.05 and earlier allows remote attackers to discover 
the ...)
CVE-2007-4410 (ircu 2.10.12.05 and earlier does not properly synchronize a 
kick ...)
CVE-2007-4409 (Race condition in ircu 2.10.12.01 through 2.10.12.05 allows 
remote ...)
CVE-2007-4408 (ircu 2.10.12.05 and earlier ignores timestamps in bounces, 
which ...)
CVE-2007-4407 (ircu 2.10.12.03 and 2.10.12.04 does not associate a timestamp 
with ops ...)
CVE-2007-4406 (ircu 2.10.12.01 through 2.10.12.04 does not remove ops 
privilege after ...)
CVE-2007-4405 (ircu 2.10.12.02 through 2.10.12.04 allows remote attackers to 
cause a ...)
CVE-2007-4404 (ircu 2.10.12.01 allows remote attackers to (1) cause a denial 
of ...)

See:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4404 (etc)

Can you please:
- assert whether the versions Debian ships (unstable, stable, oldstable) are 
vulnerable?
- If so, fix the issue in unstable and coordinate with the security team if 
updates to stable and oldstable are necessary?


thanks,
Thijs
