Fedora 40 Update: unrealircd-6.1.9.1-1.fc40

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2024-43570ea7f7
2024-12-22 02:11:13.806215+00:00
--------------------------------------------------------------------------------

Name        : unrealircd
Product     : Fedora 40
Version     : 6.1.9.1
Release     : 1.fc40
URL         : https://www.unrealircd.org/
Summary     : Open Source IRC server
Description :
UnrealIRCd is an Open Source IRC server based on the branch of IRCu called
Dreamforge, formerly used by the DALnet IRC network. Since the beginning of
development on UnrealIRCd in May of 1999, it has become a highly advanced
IRCd with a strong focus on modularity, an advanced and highly configurable
configuration file. Key features include SSL/TLS, cloaking, advanced anti-
flood and anti-spam systems, swear filtering and module support.

--------------------------------------------------------------------------------
Update Information:

UnrealIRCd 6.1.9.1
UnrealIRCd 6.1.9.1 fixes a bug in the TLS ciphers of 6.1.9.
UnrealIRCd 6.1.9
This 6.1.9 release fixes a number of bugs such as IPv6 hosts not resolving in
UnrealIRCd 6.1.8/6.1.8.1 and 100% CPU usage in some circumstances. It also
changes the SSL/TLS defaults to make things a little safer/better.
Enhancements
SSL/TLS:
Change default TLS ciphers to only allow AES in GCM mode and no longer in CBC
mode.
When using cURL for remote includes upstream now explicitly sets the minimum
required version to TLSv1.2 and sets upstream default ciphers and ciphersuites.
Note that by default in UnrealIRCd 6 the built-in (non-cURL) implementation is
used for remote includes, which already used these defaults. Also note that most
distros, like Ubuntu and Debian, already required TLSv1.2 or later effectively
in cURL.
Regarding default ecdh-curves: upstream now tries to set the curves list to
x25519:secp521r1:secp384r1:prime256v1 first, and if that fails then upstream
tries secp521r1:secp384r1:prime256v1. The former could fail due to SSL library
restrictions (old library or when in FIPS mode). Previously upstream was also
supposed to do it like that, but due to a bug always had X25519 turned off.
Fixes
IPv6 hosts not resolving in UnrealIRCd 6.1.8 and 6.1.8.1.
100% CPU usage in some (rare) circumstances. The IRCd is still fully responsive,
but of course high CPU usage is never good.
Crash in STATS S (IRCOp-only) if having vhosts with autologin (and no
vhost::login).
Changes
Added HELPOP EXTSERVERBANS to explain Extended server bans
Added new UnrealIRCd PGP release signing key
Developers and protocol
No changes, other than the SSL/TLS changes mentioned earlier.
--------------------------------------------------------------------------------
ChangeLog:

* Fri Dec 13 2024 Robert Scheck <robert@xxxxxxxxxxxxxxxxx> 6.1.9.1-1
- Upgrade to 6.1.9.1 (#2327604)
* Tue Oct 22 2024 Richard W.M. Jones <rjones@xxxxxxxxxx> - 6.1.8.1-2
- Rebuild for Jansson 2.14
  (https://lists.fedoraproject.org/archives/list/devel@xxxxxxxxxxxxxxxxxxxxxxx/thread/3PYINSQGKQ4BB25NQUI2A2UCGGLAG5ND/)
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #2327604 - unrealircd-6.1.9.1 is available
        https://bugzilla.redhat.com/show_bug.cgi?id=2327604
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2024-43570ea7f7' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------

-- 
_______________________________________________
package-announce mailing list -- package-announce@xxxxxxxxxxxxxxxxxxxxxxx
To unsubscribe send an email to package-announce-leave@xxxxxxxxxxxxxxxxxxxxxxx
Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: https://lists.fedoraproject.org/archives/list/package-announce@xxxxxxxxxxxxxxxxxxxxxxx
Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue




[Index of Archives]     [Fedora Users]     [Fedora Legacy]     [Fedora Desktop]     [Fedora SELinux]     [Big List of Linux Books]     [Yosemite News]     [Yosemite Photos]     [KDE Users]

  Powered by Linux