openSUSE-SU-2024:0203-1

See a problem?
Import Source
https://ftp.suse.com/pub/projects/security/osv/openSUSE-SU-2024:0203-1.json
JSON Data
https://api.osv.dev/v1/vulns/openSUSE-SU-2024:0203-1
Related
Published
2024-07-17T12:06:08Z
Modified
2025-05-07T18:16:08.881074Z
Upstream
Summary
Security update for znc
Details

This update for znc fixes the following issues:

Update to 1.9.1 (boo#1227393, CVE-2024-39844)

  • This is a security release to fix CVE-2024-39844: remote code execution vulnerability in modtcl. To mitigate this for existing installations, simply unload the modtcl module for every user, if it's loaded. Note that only users with admin rights can load modtcl at all.
  • Improve tooltips in webadmin.
References

Affected packages

SUSE:Package Hub 15 SP6 / znc

Package

Name
znc
Purl
pkg:rpm/suse/znc&distro=SUSE%20Package%20Hub%2015%20SP6

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
1.9.1-bp156.2.3.1

Ecosystem specific 

{
    "binaries": [
        {
            "znc": "1.9.1-bp156.2.3.1",
            "znc-lang": "1.9.1-bp156.2.3.1",
            "znc-tcl": "1.9.1-bp156.2.3.1",
            "znc-python3": "1.9.1-bp156.2.3.1",
            "znc-perl": "1.9.1-bp156.2.3.1",
            "znc-devel": "1.9.1-bp156.2.3.1"
        }
    ]
}

openSUSE:Leap 15.6 / znc

Package

Name
znc
Purl
pkg:rpm/opensuse/znc&distro=openSUSE%20Leap%2015.6

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
1.9.1-bp156.2.3.1

Ecosystem specific 

{
    "binaries": [
        {
            "znc": "1.9.1-bp156.2.3.1",
            "znc-lang": "1.9.1-bp156.2.3.1",
            "znc-tcl": "1.9.1-bp156.2.3.1",
            "znc-python3": "1.9.1-bp156.2.3.1",
            "znc-perl": "1.9.1-bp156.2.3.1",
            "znc-devel": "1.9.1-bp156.2.3.1"
        }
    ]
}