– IRC News

All about Internet Relay Chat

InspIRCd Updates & New Website

After quite a prolonged downtime, the InspIRCd website and Wiki is back up again, although not under its original domain any more but is now hosted on GitHub.

There have been new releases in all current branches as well as a new Beta release in the 2.1 branch.

Users of the 1.2 versions are strongly advised to upgrade their IRCds at least to version 1.2.9rc1 due to the recently found vulnerability and, if possible, they should update to InspIRCd 2.0.x as the 1.2 branch is nearing its end-of-life if no new maintainer is found.

People interested in maintaining the InspIRCd 1.2 branch should get in touch with the developers via their IRC channel on Chatspike.

iBash – The IRC Quote Database For Everyone

iBash is an online IRC quote database where everyone can set up their own IRC quote collection.

With this comes the ability to fully manage your quotes – you decide which quote gets approved or rejected, a major point of annoyance with the original quote database.

Example of a QDB on

Example of a QDB on

iBash has been founded in 2011 “after a 6 years incubation period” and now hosts a rapidly growing number of quotes for their users.

Setting up your own IRC quote database is easy – just register and after you’ve received and confirmed your email you and your users can begin to add quotes to the QDB.

For support and generic questions they have an IRC channel and are on Twitter and Facebook.

Share your thoughts about in the comments!

Colloquy 2.4 For OS X Released

The Mac OS X IRC client Colloquy just got updated to version 2.4.

The new release is Lion-only and now supports fullscreen IRCing, has SASL support and the dock gets a badge when there are unread private messages and highlights.

The integrated “Colloquy Bouncer”, which provides bouncer capabilities to the mobile client counterpart, has had a memleak and a bug fixed that would prevent it from properly quitting.

The handling of netsplits has been improved and excess flood issues on freenode have been fixed. CPU and memory consumption has been reduced and Growl is now supported on 64bit platforms.


Are you using Colloquy on OS X? Tell us about your experience with it in the comments!


The full changelog and the download for Colloquy 2.4 can be found here.


Atheme NickServ CertFP Vulnerability

A security vulnerability related to certificate fingerprints has been found in the Atheme IRC services package.


All versions that have CertFP functionality are affected, which are version 5.2.x, 6.x and the current testing release, version 7.x.


The vulnerability is triggered once a NickServ user is dropped or expires that has a CertFP entry attached to it which will not be cleaned up upon deletion of the user account.

This will cause the CertFP entry to be in limbo and might result in pointing the entry to an other account which will result in being able to identify as another user via that certificate fingerprint.


Atheme maintainer nenolod released an update for all currently maintained versions of the services package so it is advised that you upgrade your IRC services immediately.


The advisory can be found here and the original bug report can be found here.

InspIRCd 2.0.5 Vulnerability [Updated]

There has been a vulnerability reported in InspIRCd 2.0.5 and possibly other versions of the IRC daemon.

The problem lies in the buffer handling of dns.cpp, can be triggered by remote users and might result in arbitrary code execution according to the advisory.


There currently is a workaround in the form of a config setting, namely to set


to yes.


There also have been pull requests on GitHub by Atheme developer nenolod which fix the underlying code, although those – as of now – haven’t been pulled in yet.


The fixes above have been pulled in and the official sources have been moved from Gitorious to GitHub.


Due to the serious nature of the vulnerability, watch the development of this closely and even though there currently are no reports of this vulnerability being exploited in the wild.


The advisory can be found here and one of the temporary InspIRCd websites (which is currently still down after a break-in into ChatSpike/InspIRCd servers) can be found here.


We’ll keep this entry updated on any new developments regarding this issue.