[3.9] znc: crash on invalid encoding (CVE-2019-9917)
ZNC before 1.7.3-rc1 allows an existing remote user to cause
a Denial of Service (crash) via invalid encoding.
References:
https://nvd.nist.gov/vuln/detail/CVE-2019-9917
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=925285
Patch:
https://github.com/znc/znc/commit/64613bc8b6b4adf1e32231f9844d99cd512b8973
(from redmine: issue id 10383, created on 2019-05-01, closed on 2019-05-06)
- Changesets:
- Revision 16956b90 by Natanael Copa on 2019-05-06T16:17:54Z:
community/znc: security fix for CVE-2019-9917
fixes #10383