Control: retitle -1 InspIRCd Security Advisories 2019-02 and 2020-01 In addition to the 2020-01 advisory I also noticed that this package hasn't yet patched the 2019-02 advisory which is a similar crash/DoS bug. (https://docs.inspircd.org/security/2019-02/)
2019-02 and 2020-01 both affect versions 2.0.27-1 (buster) and 3.4.0-2 (bullseye and sid). For buster, we should prepare a 2.0.27-1+deb10u1 upload to address both advisories. For unstable, we can probably just update to the latest upstream version v3.7.0. As inspircd seems to be transitioning maintainers (see #939424), I would be happy to help here. I have already prepared the packaging changes. I just need to verify that I cannot reproduce the bug, and will require a DD to sponsor my uploads and someone from the Debian Security team to help me with the upload to buster-security. Christian
