From 9e4d89aaa4e2b6e5c79600b93665c1c0e0bb5255 Mon Sep 17 00:00:00 2001 From: Alexey Sokolov Date: Sat, 14 Jul 2018 07:14:07 +0100 Subject: [PATCH 1/3] ZNC 1.7.1-rc1 --- CMakeLists.txt | 8 ++++---- configure.ac | 4 ++-- include/znc/version.h | 4 ++-- 3 files changed, 8 insertions(+), 8 deletions(-) diff --git a/CMakeLists.txt b/CMakeLists.txt index c3398665..ca3a48e7 100644 --- a/CMakeLists.txt +++ b/CMakeLists.txt @@ -15,10 +15,10 @@ # cmake_minimum_required(VERSION 3.1) -project(ZNC VERSION 1.7.0) -set(ZNC_VERSION 1.7.x) -set(append_git_version true) -set(alpha_version "") # e.g. "-rc1" +project(ZNC VERSION 1.7.1) +set(ZNC_VERSION 1.7.1) +set(append_git_version false) +set(alpha_version "-rc1") # e.g. "-rc1" set(VERSION_EXTRA "" CACHE STRING "Additional string appended to version, e.g. to mark distribution") diff --git a/configure.ac b/configure.ac index 1c64e432..c3bfebd0 100644 --- a/configure.ac +++ b/configure.ac @@ -7,8 +7,8 @@ AC_DEFUN([AC_PROG_CC], [m4_errprint(__file__:__line__[: Something is trying to u dnl Needed for AC_PATH_PROGS_FEATURE_CHECK which was added in 2.62 AC_PREREQ([2.62]) dnl Keep the version number in sync with version.h! -AC_INIT([znc], [1.7.x]) -LIBZNC_VERSION=1.7.x +AC_INIT([znc], [1.7.1-rc1]) +LIBZNC_VERSION=1.7.1 AC_CONFIG_MACRO_DIR([m4]) AC_CONFIG_SRCDIR([src/znc.cpp]) AC_LANG([C++]) diff --git a/include/znc/version.h b/include/znc/version.h index 3f3fbab8..cff038e9 100644 --- a/include/znc/version.h +++ b/include/znc/version.h @@ -20,9 +20,9 @@ limitations under the License. // The following defines are for #if comparison (preprocessor only likes ints) #define VERSION_MAJOR 1 #define VERSION_MINOR 7 -#define VERSION_PATCH -1 +#define VERSION_PATCH 1 // This one is for display purpose and to check ABI compatibility of modules -#define VERSION_STR "1.7.x" +#define VERSION_STR "1.7.1" #endif // Don't use this one From c426898b3a1b899dfe8a8b2a3eeb4b18d8be1bf2 Mon Sep 17 00:00:00 2001 From: Alexey Sokolov Date: Tue, 17 Jul 2018 22:48:03 +0100 Subject: [PATCH 2/3] Increase the version number to 1.7.1 --- CMakeLists.txt | 2 +- ChangeLog.md | 32 ++++++++++++++++++++++++++++++++ configure.ac | 2 +- 3 files changed, 34 insertions(+), 2 deletions(-) diff --git a/CMakeLists.txt b/CMakeLists.txt index ca3a48e7..ed6a55d2 100644 --- a/CMakeLists.txt +++ b/CMakeLists.txt @@ -18,7 +18,7 @@ cmake_minimum_required(VERSION 3.1) project(ZNC VERSION 1.7.1) set(ZNC_VERSION 1.7.1) set(append_git_version false) -set(alpha_version "-rc1") # e.g. "-rc1" +set(alpha_version "") # e.g. "-rc1" set(VERSION_EXTRA "" CACHE STRING "Additional string appended to version, e.g. to mark distribution") diff --git a/ChangeLog.md b/ChangeLog.md index 85c47df5..27e8cfdd 100644 --- a/ChangeLog.md +++ b/ChangeLog.md @@ -1,3 +1,35 @@ +# ZNC 1.7.1 (2018-07-17) + +## Security critical fixes +* CVE-2018-14055: non-admin user could gain admin privileges and shell access by injecting values into znc.conf. +* CVE-2018-14056: path traversal in HTTP handler via ../ in a web skin name. + +## Core +* Fix znc-buildmod to not hardcode the compiler used to build ZNC anymore in CMake build +* Fix language selector. Russian and German were both not selectable. +* Fix build without SSL support +* Fix several broken strings +* Stop spamming users about debug mode. This feature was added in 1.7.0, now reverted. + +## New +* Add partial Spanish, Indonesian, and Dutch translations + +## Modules +* adminlog: Log the error message again (regression of 1.7.0) +* admindebug: New module, which allows admins to turn on/off --debug in runtime +* flooddetach: Fix description of commands +* modperl: Fix memory leak in NV handling +* modperl: Fix functions which return VCString +* modpython: Fix functions which return VCString +* webadmin: Fix fancy CTCP replies editor for Firefox. It was showing the plain version even when JS is enabled + +## Internal +* Deprecate one of the overloads of CMessage::GetParams(), rename it to CMessage::GetParamsColon() +* Don't throw from destructor in the integration test +* Fix a warning with integration test / gmake / znc-buildmod interaction. + + + # ZNC 1.7.0 (2018-05-01) ## New diff --git a/configure.ac b/configure.ac index c3bfebd0..c94833ec 100644 --- a/configure.ac +++ b/configure.ac @@ -7,7 +7,7 @@ AC_DEFUN([AC_PROG_CC], [m4_errprint(__file__:__line__[: Something is trying to u dnl Needed for AC_PATH_PROGS_FEATURE_CHECK which was added in 2.62 AC_PREREQ([2.62]) dnl Keep the version number in sync with version.h! -AC_INIT([znc], [1.7.1-rc1]) +AC_INIT([znc], [1.7.1]) LIBZNC_VERSION=1.7.1 AC_CONFIG_MACRO_DIR([m4]) AC_CONFIG_SRCDIR([src/znc.cpp]) From bae80fd383fa9d75bcc4e891d79248363a6d1d24 Mon Sep 17 00:00:00 2001 From: Alexey Sokolov Date: Tue, 17 Jul 2018 22:58:48 +0100 Subject: [PATCH 3/3] Return version number to 1.7.x --- CMakeLists.txt | 4 ++-- configure.ac | 4 ++-- include/znc/version.h | 4 ++-- 3 files changed, 6 insertions(+), 6 deletions(-) diff --git a/CMakeLists.txt b/CMakeLists.txt index ed6a55d2..3c1b3352 100644 --- a/CMakeLists.txt +++ b/CMakeLists.txt @@ -16,8 +16,8 @@ cmake_minimum_required(VERSION 3.1) project(ZNC VERSION 1.7.1) -set(ZNC_VERSION 1.7.1) -set(append_git_version false) +set(ZNC_VERSION 1.7.x) +set(append_git_version true) set(alpha_version "") # e.g. "-rc1" set(VERSION_EXTRA "" CACHE STRING "Additional string appended to version, e.g. to mark distribution") diff --git a/configure.ac b/configure.ac index c94833ec..1c64e432 100644 --- a/configure.ac +++ b/configure.ac @@ -7,8 +7,8 @@ AC_DEFUN([AC_PROG_CC], [m4_errprint(__file__:__line__[: Something is trying to u dnl Needed for AC_PATH_PROGS_FEATURE_CHECK which was added in 2.62 AC_PREREQ([2.62]) dnl Keep the version number in sync with version.h! -AC_INIT([znc], [1.7.1]) -LIBZNC_VERSION=1.7.1 +AC_INIT([znc], [1.7.x]) +LIBZNC_VERSION=1.7.x AC_CONFIG_MACRO_DIR([m4]) AC_CONFIG_SRCDIR([src/znc.cpp]) AC_LANG([C++]) diff --git a/include/znc/version.h b/include/znc/version.h index cff038e9..3f3fbab8 100644 --- a/include/znc/version.h +++ b/include/znc/version.h @@ -20,9 +20,9 @@ limitations under the License. // The following defines are for #if comparison (preprocessor only likes ints) #define VERSION_MAJOR 1 #define VERSION_MINOR 7 -#define VERSION_PATCH 1 +#define VERSION_PATCH -1 // This one is for display purpose and to check ABI compatibility of modules -#define VERSION_STR "1.7.1" +#define VERSION_STR "1.7.x" #endif // Don't use this one