ngIRCd 25 has been released on January 23: https://github.com/ngircd/ngircd/blob/master/ChangeLog The RC1 (August 11), fixed a use-after-free issue. Mageia 6 is probably also affected.
Whiteboard: (none) => MGA6TOO
Status comment: (none) => Fixed upstream in 25
Assigning to all packagers collectively, since the registered maintainer for this package seems unavailable. Also CC'ing the maintainer and a committer.
Assignee: bugsquad => pkg-bugsCC: (none) => guillomovitch, marja11, oe
Hi, For Cauldron, ngircd-25-1.mga7 is building. For Mageia 6 (ngIRCd version 23), I did not find in the code the issue fixed by https://github.com/ngircd/ngircd/commit/798de94d6556bdf2c6019f368ad7441fe6e2d1be. The only line containing "Client_Destroy" seems good in the context: """ /* Kill the client NOW: * - Close the local connection (if there is one), * - Destroy the CLIENT structure for remote clients. * Note: Conn_Close() removes the CLIENT structure as well. */ conn = Client_Conn(c); if(conn > NONE) Conn_Close(conn, NULL, Reason, true); else Client_Destroy(c, NULL, Reason, false); """ Best regards, Nico.
CC: (none) => nicolas.salguero
Ok, thanks David!
Whiteboard: MGA6TOO => (none)Resolution: (none) => FIXEDStatus: NEW => RESOLVED