– IRC News

All about Internet Relay Chat

ircd-ratbox releases version 3.0.5

ircd-ratbox, the “advanced, stable and fast ircd” which is “the primary ircd used on EFNet” just released version 3.0.5 in their testing tree.

The release is purely a bugfix release as there are no new features been announced to come with it.

The changelog is as follows:

- fix a bug with reading help files
- add debugging in for dealing with a kline removal bug
- fix /rehash tdlines and /rehash bans so they actually do something with dlines
- compute the number of file descriptors passed correctly on freebsd/amd64 (and probably others)
- check for compiler support for various warning flags and add them
- add -fno-strict-aliasing as this is now needed for gcc 4.4
- GNUTLS code now picks up new keys/certificates on rehash

The download can be obtained here.

ircd-ratbox 3.0.1 released

Yesterday, the ircd-ratbox project announced the release of their latest testing version of their IRCd.

Now being available as version 3.0.1, it still clearly is labeled as an early release and better not being used in a production environment.

NOTE: Whilst every effort has been made to make sure this code is usable, it
is still not classified as a stable release.  You assume full
responsibility for running this on a production network.

The  changelog is rather short but there seem to be a few big changes included like reenabling SSL and ziplinks

- call rb_helper_close on bandb errors to kill off old bandb processes
- report correct files/line numbers for spoof warnings
- sid in the serverinfo struct should be 4 bytes, not 3
- rebuild the included ircd_lexer.c
- fix ports and /dev/poll on solaris
- report libratbox version on -version and /info
- libratbox version info includes ssl info
- fix installing when using install-sh
- reenable ziplinks + ssl
- fix a gnutls related core dump
- add support for a serverinfo::bandb setting for the ban database
- report adding throttles when an oper is set umode +r
- report throttle stats in /stats T

The download is available from here.

Possible DoS Found in IRCd-Ratbox

A possible DoS has been found in IRCd-Ratbox. This IRCd is in use on EFNet and other smaller networks.

The discovery was announced on the Ratbox mailinglist by Lee H: “We have recently uncovered a potential DoS in ircd-ratbox that could result in resource starvation of the CPU.”

The bug dates back to very early version of Ratbox, which makes it a vulnerability that is presence in all flavors of the IRCd in use.

“We have now released ircd-ratbox-2.2.6, it is recommended that everybody upgrades — the attack is fairly easy to abuse.  Details follow in the next email”, Lee ends. Since then, Lee retracted to give more details about the exploit to prevent malicious users causing havoc.

Thanks to Kobi for the tip.