USN-6761-1

Source
https://ubuntu.com/security/notices/USN-6761-1
Import Source
https://github.com/canonical/ubuntu-security-notices/blob/main/osv/USN-6761-1.json
Related
Published
2024-04-30T07:33:26.773094Z
Modified
2024-04-30T07:33:26.773094Z
Summary
anope vulnerability
Details

It was discovered that Anope did not properly process credentials for suspended accounts. An attacker could possibly use this issue to normally login to the platform as a suspended user after changing their password.

References

Affected packages

Ubuntu:Pro:18.04:LTS / anope

Package

Name
anope

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0The exact introduced commit is unknown
Fixed
2.0.4-2ubuntu0.1~esm1

Ecosystem specific 

{
    "availability": "Available with Ubuntu Pro: https://ubuntu.com/pro",
    "binaries": [
        {
            "anope": "2.0.4-2ubuntu0.1~esm1"
        }
    ]
}

Ubuntu:20.04:LTS / anope

Package

Name
anope

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0The exact introduced commit is unknown
Fixed
2.0.6-1ubuntu0.1

Ecosystem specific 

{
    "availability": "No subscription needed",
    "binaries": [
        {
            "anope": "2.0.6-1ubuntu0.1"
        }
    ]
}

Ubuntu:22.04:LTS / anope

Package

Name
anope

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0The exact introduced commit is unknown
Fixed
2.0.9-1ubuntu0.1

Ecosystem specific 

{
    "availability": "No subscription needed",
    "binaries": [
        {
            "anope": "2.0.9-1ubuntu0.1"
        }
    ]
}

Ubuntu:23.10 / anope

Package

Name
anope

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0The exact introduced commit is unknown
Fixed
2.0.12-1ubuntu0.23.10.1

Ecosystem specific 

{
    "availability": "No subscription needed",
    "binaries": [
        {
            "anope": "2.0.12-1ubuntu0.23.10.1"
        }
    ]
}

Ubuntu:24.04:LTS / anope

Package

Name
anope

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0The exact introduced commit is unknown
Fixed
2.0.12-1ubuntu1

Ecosystem specific 

{
    "availability": "No subscription needed",
    "binaries": [
        {
            "anope": "2.0.12-1ubuntu1"
        }
    ]
}

Ubuntu:Pro:16.04:LTS / anope

Package

Name
anope

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0The exact introduced commit is unknown
Fixed
2.0.3-1ubuntu0.1~esm1

Ecosystem specific 

{
    "availability": "Available with Ubuntu Pro: https://ubuntu.com/pro",
    "binaries": [
        {
            "anope": "2.0.3-1ubuntu0.1~esm1"
        }
    ]
}