This bug was fixed in the package xchat-gnome - 1:0.18-2ubuntu2
---
xchat-gnome (1:0.18-2ubuntu2) hardy; urgency=low
* debian/patches/03_serverlist.patch added:
- modify default port for irc.freenode.com to 8001 to prevent dcc exploit.
- fix Oz.net servers list wrongly refer
Sponsoring.
** Changed in: xchat-gnome (Ubuntu)
Status: Confirmed => Fix Committed
** Changed in: xchat-gnome (Ubuntu)
Assignee: (unassigned) => Martin Pitt (pitti)
--
To prevent dcc exploit, default port should be 8001 for irc.ubuntu.com
https://bugs.launchpad.net/bugs/191691
You r
This bug was fixed in the package xchat - 2.8.4-0ubuntu6
---
xchat (2.8.4-0ubuntu6) hardy; urgency=low
* debian/patches/01_serverlist.dpatch:
- modify default port for irc.ubuntu.com and irc.freenode.com to 8001 to
prevent dcc exploit (LP: #191691).
- fix Oz.net server
** Changed in: xchat (Ubuntu)
Status: Confirmed => Fix Committed
--
To prevent dcc exploit, default port should be 8001 for irc.ubuntu.com
https://bugs.launchpad.net/bugs/191691
You received this bug notification because you are a member of Ubuntu
Bugs, which is the bug contact for Ubuntu.
Oh, okay. I'll upload it then.
--
To prevent dcc exploit, default port should be 8001 for irc.ubuntu.com
https://bugs.launchpad.net/bugs/191691
You received this bug notification because you are a member of Ubuntu
Bugs, which is the bug contact for Ubuntu.
--
ubuntu-bugs mailing list
ubuntu-bug
RainCT, I copied the whole serverlist since both xchat and xchat-gnome
use the first server by default, but advanced users may find useful to
find all other servers listed there. Anyway, if you think this would be
unappropriate, fixing that is pretty easy.
--
To prevent dcc exploit, default port
On bug #146434 you say that some of the addresses that you list can't be
used by everyone (gov/edu only an such). Wouldn't it be better to only
list "irc.oz.org", which can be used by anyone?
--
To prevent dcc exploit, default port should be 8001 for irc.ubuntu.com
https://bugs.launchpad.net/bugs
To DarkMageZ,
The vulnerability is not in Ubuntu, but in the router a user uses. As
far as I understand it, the router believes that the information being
passed through it is an instruction for it, and so attempts to interpret
it. Failing, it dies and closes the connection.
The vulnerability doe
** Attachment added: "xchat-gnome_0.18-2ubuntu2.debdiff"
http://launchpadlibrarian.net/11959062/xchat-gnome_0.18-2ubuntu2.debdiff
** Changed in: xchat (Ubuntu)
Assignee: Andrea Colangelo (warp10) => (unassigned)
Status: In Progress => Confirmed
** Changed in: xchat-gnome (Ubuntu)
Attached debdiffs fix this bug and #146434 too for both xchat and xchat-
gnome. Built, installed and run in a clean Hardy Virtual Machine.
** Attachment added: "xchat_2.8.4-0ubuntu6.debdiff"
http://launchpadlibrarian.net/11959055/xchat_2.8.4-0ubuntu6.debdiff
--
To prevent dcc exploit, defaul
isn't this just security by obscurity? what will happen once hardy is released
with the port changed, they will just add port 8001 to the attack.
People with vulnerable routers either need to kick their vendors ass or buy a
new router. imho.
--
To prevent dcc exploit, default port should be 800
** Changed in: xchat (Ubuntu)
Importance: Low => Medium
** Changed in: xchat-gnome (Ubuntu)
Importance: Low => Medium
--
To prevent dcc exploit, default port should be 8001 for irc.ubuntu.com
https://bugs.launchpad.net/bugs/191691
You received this bug notification because you are a member
I can confirm this bug, and I'm working on a patch.
Probably we can assume this is true for freenode too, that by default is
reached via port 6667.
** Changed in: xchat-gnome (Ubuntu)
Importance: Undecided => Low
Assignee: (unassigned) => Andrea Colangelo (warp10)
Status: New => In
13 matches
Mail list logo
