openSUSE-SU-2022:10018-1
See a problem?- Import Source
- https://ftp.suse.com/pub/projects/security/osv/openSUSE-SU-2022:10018-1.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/openSUSE-SU-2022:10018-1
- Upstream
- Related
- Published
- 2022-06-20T10:32:27Z
- Modified
- 2026-01-30T00:58:12.988834Z
- Summary
- Security update for atheme
- Details
-
This update for atheme fixes the following issues:
atheme was updated to release 7.2.12:
- CVE-2022-24976: Fixed General authentication bypass in Atheme IRC services with InspIRCd 3 [boo#1195989]
- Track SASL login EID
Update to release 7.2.11
- Add a preliminary Turkish translation
- Add HMAC-MD5 verify-only support to crypto/pbkdf2v2
- modules/chanserv/akick: fix unload crash with akicks that have timeouts
- modules/nickserv/multimark: use IRC case canonicalisation for restored nicks
- modules/nickserv/multimark: forbid unloading due to the potential for data loss
- CA_ constants: include CA_EXEMPT (+e) where appropriate
Update to new upstream release 7.2.10.r2
- Fix potential NULL dereference in modules/crypto/posix.
- Bump E-Mail address maximum length to 254 characters.
- Use flags setter information in modules/chanserv/access & modules/chanserv/flags.
- Fix issue where modules/misc/httpd was not closing its listening socket on deinit.
- Fix GroupServ data loss issue when a group was the founder of another group.
- References
Affected packages
SUSE:Package Hub 15 SP3 / atheme
Package
- Name
- atheme
- Purl
- pkg:rpm/suse/atheme&distro=SUSE%20Package%20Hub%2015%20SP3
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed7.2.12-bp153.2.3.1
openSUSE:Leap 15.3 / atheme
Package
- Name
- atheme
- Purl
- pkg:rpm/opensuse/atheme&distro=openSUSE%20Leap%2015.3
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed7.2.12-bp153.2.3.1