#42649 – Packaged version of InspIRCd is old and insecure

Bug 42649 - Packaged version of InspIRCd is old and insecure

Summary: Packaged version of InspIRCd is old and insecure

Status:	NEW

Alias:	None

Product:	Sisyphus
Classification:	Development
Component:	inspircd (show other bugs)
Version:	unstable
Hardware:	all Linux

Importance:	P5 major
Assignee:	pak@altlinux.org
QA Contact:	qa-sisyphus

URL:
Keywords:

Depends on:
Blocks:

Reported:	2022-04-30 15:42 MSK by Sadie Powell
Modified:	2024-03-22 17:17 MSK (History)
CC List:	1 user (show)

See Also:

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Sadie Powell 2022-04-30 15:42:56 MSK

The currently shipped version of InspIRCd (v2.0.29) is an insecure EOL version that has not been receiving security fixes or support in quite some time. I know of at least one security vulnerability in the v2 branch which has been found since the v2 branch was EOLed so it really shouldn't be used.

Please can you upgrade your package the latest release (which at time of writing currently v3.13.0)?

[Note: I am the upstream for this software not an ALT Linux user.]

Comment 1 Sadie Powell 2024-03-22 17:17:47 MSK

If you don't have the time or resources to update this package would you consider removing it so users aren't unknowingly using an insecure version?