– IRC News

All about Internet Relay Chat

Eggdrop 1.6.19 Released

It took almost 2 years for a new release, and even then it consists mostly of bugfixes of which one fixes a serious issue.

Version 1.6.19 of the popular IRC bot Eggdrop fixes a buffer overflow issue in the server module. It is exploitable by a malicious server. As long as the bot connects to a reputable server it should be OK.

IRC-Junkie tried to contact Guppy with a few questions but has received no reply so far, partly explaining the delay in reporting this new release.

A list of all updates according to the updates.txt file:

- Update the recommended TCL version to 8.5

- Updated Copyright dates

- added [sL] and thommey to the AUTHORS file

- load blowfish by default

- added a TCL to handle the PONG :<cookie> junk on some EFnet servers

- add a simple TCL to handle the PASS <numbers> junk on some Undernet servers

- add support for chanmode +T

- CTCP parsing was broken by the servmsg.c buffer overflow patch

- Fixed a couple of typos in the FEATURES file.

- Fixed two buffer overflows in servmsg.c (CVE-2007-2807).

- Fixed compatibility problems with certain time_t implementations.

- Complete raw traffic wasn’t getting logged in some cases; only the raw command itself was. Fixed.

Category: IRC, Software

Your email address will not be published. Required fields are marked *