U radu programskog paketa bip otkriven je sigurnosni nedostatak kojeg udaljeni napadači mogu iskoristiti za pokretanje proizvoljnog programskog koda.

--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2012-0916
2012-01-25 21:58:19
--------------------------------------------------------------------------------

Name        : bip
Product     : Fedora 15
Version     : 0.8.8
Release     : 2.fc15
URL         : http://bip.t1r.net
Summary     : IRC Bouncer
Description :
Bip is an IRC proxy, which means it keeps connected to your preferred IRC
servers, can store the logs for you, and even send them back to your IRC
client(s) upon connection.
You may want to use bip to keep your logfiles (in a unique format and on a
unique computer) whatever your client is, when you connect from multiple
workstations, or when you simply want to have a playback of what was said
while you were away.

--------------------------------------------------------------------------------
Update Information:

Add upstream patch to fix buffer overflow with too many open fd's


--------------------------------------------------------------------------------
ChangeLog:

* Tue Jan 24 2012 Brian C. Lane <Ova e-mail adresa je zaštićena od spambota. Potrebno je omogućiti JavaScript da je vidite.> - 0.8.8-2
- Upstream patch to fix buffer overflow with too many open fd's (#784301)
  https://projects.duckcorp.org/issues/269
- Switched spec to use git to apply patches
* Thu Nov 17 2011 Brian C. Lane <Ova e-mail adresa je zaštićena od spambota. Potrebno je omogućiti JavaScript da je vidite.> - 0.8.8-1
- Update to upstream version 0.8.8
- Call systemd-tmpfiles to create the pid directory
* Thu Jun  2 2011 Darryl L. Pierce <Ova e-mail adresa je zaštićena od spambota. Potrebno je omogućiti JavaScript da je vidite.> - 0.8.7-2
- Create file: /etc/tmpfiles.d/bip.conf
- Fixes #707294 - /var/run/bip on tmpfs
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #784299 - CVE-2012-0806 bip: Stack-based buffer overflow when
processing connection events
        https://bugzilla.redhat.com/show_bug.cgi?id=784299
--------------------------------------------------------------------------------

This update can be installed with the "yum" update program.  Use 
su -c 'yum update bip' at the command line.
For more information, refer to "Managing Software with yum",
available at http://docs.fedoraproject.org/yum/.

All packages are signed with the Fedora Project GPG key.  More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
_______________________________________________
package-announce mailing list
Ova e-mail adresa je zaštićena od spambota. Potrebno je omogućiti JavaScript da je vidite.
https://admin.fedoraproject.org/mailman/listinfo/package-announce

--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2012-0941
2012-01-25 21:59:51
--------------------------------------------------------------------------------

Name        : bip
Product     : Fedora 16
Version     : 0.8.8
Release     : 2.fc16
URL         : http://bip.t1r.net
Summary     : IRC Bouncer
Description :
Bip is an IRC proxy, which means it keeps connected to your preferred IRC
servers, can store the logs for you, and even send them back to your IRC
client(s) upon connection.
You may want to use bip to keep your logfiles (in a unique format and on a
unique computer) whatever your client is, when you connect from multiple
workstations, or when you simply want to have a playback of what was said
while you were away.

--------------------------------------------------------------------------------
Update Information:

Add upstream patch to fix buffer overflow with too many open fd's


--------------------------------------------------------------------------------
ChangeLog:

* Tue Jan 24 2012 Brian C. Lane <Ova e-mail adresa je zaštićena od spambota. Potrebno je omogućiti JavaScript da je vidite.> - 0.8.8-2
- Upstream patch to fix buffer overflow with too many open fd's (#784301)
  https://projects.duckcorp.org/issues/269
- Switched spec to use git to apply patches
* Thu Nov 17 2011 Brian C. Lane <Ova e-mail adresa je zaštićena od spambota. Potrebno je omogućiti JavaScript da je vidite.> - 0.8.8-1
- Update to upstream version 0.8.8
- Call systemd-tmpfiles to create the pid directory
* Thu Jun  2 2011 Darryl L. Pierce <Ova e-mail adresa je zaštićena od spambota. Potrebno je omogućiti JavaScript da je vidite.> - 0.8.7-2
- Create file: /etc/tmpfiles.d/bip.conf
- Fixes #707294 - /var/run/bip on tmpfs
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #784299 - CVE-2012-0806 bip: Stack-based buffer overflow when
processing connection events
        https://bugzilla.redhat.com/show_bug.cgi?id=784299
--------------------------------------------------------------------------------

This update can be installed with the "yum" update program.  Use 
su -c 'yum update bip' at the command line.
For more information, refer to "Managing Software with yum",
available at http://docs.fedoraproject.org/yum/.

All packages are signed with the Fedora Project GPG key.  More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
_______________________________________________
package-announce mailing list
Ova e-mail adresa je zaštićena od spambota. Potrebno je omogućiti JavaScript da je vidite.
https://admin.fedoraproject.org/mailman/listinfo/package-announce