-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------- Debian Security Advisory DSA-3661-1 security@xxxxxxxxxx https://www.debian.org/security/ Moritz Muehlenhoff September 06, 2016 https://www.debian.org/security/faq - ------------------------------------------------------------------------- Package : charybdis CVE ID : CVE-2016-7143 It was discovered that incorrect SASL authentication in the Charybdis IRC server may lead to users impersonating other users. For the stable distribution (jessie), this problem has been fixed in version 3.4.2-5+deb8u2. For the unstable distribution (sid), this problem has been fixed in version 3.5.3-1. We recommend that you upgrade your charybdis packages. Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: https://www.debian.org/security/ Mailing list: debian-security-announce@xxxxxxxxxxxxxxxx -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQIcBAEBAgAGBQJXzyNLAAoJEBDCk7bDfE42/dMQAIsNQ4zlAtfTjmleZDjR33tq 9dcDMeS1LNF2DHlMj7JRJVIOXJMOqcu9RQqWqHfrDkXIEO5VnOdL+mqHNuvP9aTe qE4jyVgiboHfckfe1vt4KehC8o7bYv3oiqZm0uwqa0ojAbfbTxMybhX63kqJXI0S v6n3wad4Yz74/4UbEff3OoFMtxtVu9Y3y1x5E1xSEVprSd/NrHd5leoOAfToDiZP jOG6YPNF7YglCj0kP86GD4wGYcq+9fIh9dP12TeuC6ySRO4/lfFV6FOMvWA2JvWM MA7fhwbYqwywldGryMmD24xreJlcT4/DiOXhK3o3NaLRn5ox2gS0dxf2iB0irfeY edP0lRSghqRlKBWH7LqHY6y6s1qJC2nMW/wz+0jzouKHkzjeZgmxI3meeUl3MRjh B6LViFrhDk2YVAwNX9ODe4GctgHpleBA7WbdG6VITWnwjPFl5aCT8s1tpDkg/cv2 hr6Vuvt/JFZ68JtU7PsfsZka/Xpy6xUT1GMxQBRTGI8tOh8kptuJf3iW6hpVYD7U Rq3iiWjvAgtRm4Ijr20DswdeQ4FjV9GyKPvfVhLMcxjdeueV4D4ddG79FzER0jFD Iq/3P7QdnC1ar3xYU4/s76dRO82Mk5DIAXnkZtR4+rV7tvk5YuJUgJ/ES04MBpjO EsYP4ZEaoQG98KzSjE9b =fQTH -----END PGP SIGNATURE-----
