IRC-Junkie.org – IRC News

All about Internet Relay Chat

Colloquy 2.4 For OS X Released

The Mac OS X IRC client Colloquy just got updated to version 2.4.

The new release is Lion-only and now supports fullscreen IRCing, has SASL support and the dock gets a badge when there are unread private messages and highlights.

The integrated “Colloquy Bouncer”, which provides bouncer capabilities to the mobile client counterpart, has had a memleak and a bug fixed that would prevent it from properly quitting.

The handling of netsplits has been improved and excess flood issues on freenode have been fixed. CPU and memory consumption has been reduced and Growl is now supported on 64bit platforms.

 

Are you using Colloquy on OS X? Tell us about your experience with it in the comments!

 

The full changelog and the download for Colloquy 2.4 can be found here.

 

Atheme NickServ CertFP Vulnerability

A security vulnerability related to certificate fingerprints has been found in the Atheme IRC services package.

 

All versions that have CertFP functionality are affected, which are version 5.2.x, 6.x and the current testing release, version 7.x.

 

The vulnerability is triggered once a NickServ user is dropped or expires that has a CertFP entry attached to it which will not be cleaned up upon deletion of the user account.

This will cause the CertFP entry to be in limbo and might result in pointing the entry to an other account which will result in being able to identify as another user via that certificate fingerprint.

 

Atheme maintainer nenolod released an update for all currently maintained versions of the services package so it is advised that you upgrade your IRC services immediately.

 

The advisory can be found here and the original bug report can be found here.

InspIRCd 2.0.5 Vulnerability [Updated]

There has been a vulnerability reported in InspIRCd 2.0.5 and possibly other versions of the IRC daemon.

The problem lies in the buffer handling of dns.cpp, can be triggered by remote users and might result in arbitrary code execution according to the advisory.

 

There currently is a workaround in the form of a config setting, namely to set

<performance:nouserdns>

to yes.

 

There also have been pull requests on GitHub by Atheme developer nenolod which fix the underlying code, although those – as of now – haven’t been pulled in yet.

 

The fixes above have been pulled in and the official sources have been moved from Gitorious to GitHub.

 

Due to the serious nature of the vulnerability, watch the development of this closely and even though there currently are no reports of this vulnerability being exploited in the wild.

 

The advisory can be found here and one of the temporary InspIRCd websites (which is currently still down after a break-in into ChatSpike/InspIRCd servers) can be found here.

 

We’ll keep this entry updated on any new developments regarding this issue.

IRC Wiki – 2nd Anniversary

2 years ago, the IRC-Wiki has been created to provide a central place for all things that relate to IRC.

Some might argue that Wikipedia is a better place for that but as some people can assess it isn’t due to their idiotic strict notability guidelines.

 

Fast forward 2 years and IRC Wiki is still thriving and the only one remaining from the 3 that have been mentioned in that past article. One of them has merged into IRC Wiki soon after the article has been written and to date the Wiki consists of 650 pages and 5000 edits in total.

 

About 180 users have contributed to it, though the majority of editors is due to a new feature: network pages.

There, registered networks can put up information about it, integrate statistics  from SearchIRC and Netsplit.de and much more.

 

IRC Wiki Network Listing Page

IRC Wiki Network Listing Page

 

In the early days, IRC-Wiki was using LionWiki and migrated to MediaWiki due to user requests for features that are only present in MediaWiki. That move was done manually, article-by-article by Bertrum and Trixar_za.

Even though that was a labour-intensive task, Trixar_za regards it as “the best decision they made because of the sheer number of MediaWiki extensions, especially the security related ones – considering how many Wikis are overrun with spam these days”.

 

Today, the Wiki holds lots of information for all kind of IRCds, IRC clients and software for IRC networks but there is still a list of articles that are yet to be created – not to mention there’s always room to improve and expand current articles.

 

So, if you haven’t yet: browse over to IRC-Wiki and help them out, be it by adding your network to their index or filling the Wiki with information!

IRCjr – An IRC Client for DOS

There are IRC clients for every platform and every OS – wait, really every platform, every OS?

 

Lets see:

Windows? More than you can handle..

OS X? Sure

Linux/UNIX? Of course

 

…and more – i’ll spare you listing every platform there’s an IRC client for.

 

But.. what about DOS you say? Yes, yes – there is one: IRCjr.

 

It’s not only a proof-of-concept but is a fully-featured client. It supports CTCP messages such as /me and /version, has timestamps, logging to disk, a user-configurable scrollback buffer and supports every display from MDA/monochrome up to VGA resolutions and colors.

 

DOS IRC Client IRCjr running in DOSBox

DOS IRC Client IRCjr running in DOSBox

 

As you can see from the screenshot it sports a split-screen layout and according to its website it’ll run even on “the oldest 8088 based systems” from DOS 2.1 and newer.

 

Being in multiple channels and private messages at the same time is no problem – IRCjr is even compatible with multiple monitors, although it can only use one at a time.

 

Since DOS is pretty much obsolete these days and being asked about the reason why he wrote a program for a dead platform the programmer, Michael  Brutman, said that he had rediscovered the fun in retro computing and since all TCP/IP stacks for DOS sucked, he wrote his own and the first application he developed for it was IRCjr.

 

One of the main concerns while programming was stability and according to Michael Brutman it’s really stable and can be left running even in very busy channels such as #ubuntu on freenode without problems.

 

On the feature-side he said that he’s looking to bring multi-server support and maybe mIRC color codes into the client but sadly Unicode support is pretty much ruled out as most of the old hardware can’t load fonts.

 

So if you’re a retro computing enthusiast and addicted to IRC – give it a go and let us know what you think about it in the comments!

 

More details about the setup, configuration and capabilities of IRCjr can be found on the IRCjr website.