From 3364501739825aab2fae52b9665424c5424e14b1 Mon Sep 17 00:00:00 2001 From: Sadie Powell Date: Tue, 2 Jul 2024 22:11:49 +0100 Subject: [PATCH] Add the change log and security advisory for v4.0.1. --- docs/4/change-log.md | 16 ++++++++++++++++ docs/security/2024-01.md | 39 +++++++++++++++++++++++++++++++++++++++ docs/security/index.md | 4 ++++ 3 files changed, 59 insertions(+) create mode 100644 docs/security/2024-01.md diff --git a/docs/4/change-log.md b/docs/4/change-log.md index 2eb558884..70bc5760e 100644 --- a/docs/4/change-log.md +++ b/docs/4/change-log.md @@ -6,6 +6,22 @@ title: v4 Change Log This page lists changes which have happened between releases. +### InspIRCd 4.0.1 + +**This version of InspIRCd was released on 2024-07-03.** + +- [Fixed a **crash** in the spanningtree module](/security/2024-01). + +- Fixed the passforward module unnecessarily looking up connect class passwords from the config. + +- Fixed various minor documentation issues. + +- Updated the example tables for the sqloper module to include all core fields. + +- Updated the log_sql tables to use non-null columns. + +- Updated the vendored libraries. + ### InspIRCd 4.0.0 **This version of InspIRCd was released on 2024-06-29.** diff --git a/docs/security/2024-01.md b/docs/security/2024-01.md new file mode 100644 index 000000000..aaabbc5fb --- /dev/null +++ b/docs/security/2024-01.md @@ -0,0 +1,39 @@ +--- +title: Security Advisory 2024-01 +--- + +## InspIRCd Security Advisory 2024-01 + +### Summary + +The spanningtree module before v4.0.1 contains a null pointer dereference. When the chanhistory module is also loaded this vulnerability can be used to remotely crash a InspIRCd server by any user able to connect to a server and set channel modes. + +Thanks to [@RobCubed](https://github.com/RobCubed) for reporting this issue. + +### Affected Versions + +This vulnerability is present in the following releases: + +* v4.0.0a26 +* v4.0.0rc1 +* v4.0.0rc2 +* v4.0.0rc3 +* v4.0.0 + +### Recommended Action + +This vulnerability is fixed in version 4.0.1. It is strongly recommended that all affected users upgrade. + +If upgrading is not possible then the spanningtree module should be unloaded. If this is also not possible then the chanhistory module should be unloaded. + +### History + +* 2024-03-08 — The vulnerability was introduced. +* 2024-07-02 — A crash vulnerability was reported to the InspIRCd team. +* 2024-07-02 — The cause of the crash was identified by the InspIRCd team and a fix was prepared. +* 2024-07-03 — InspIRCd v4.0.1 was released with a fix for the crash vulnerability. + +### References + +* [InspIRCd commit ef572e3](https://github.com/inspircd/inspircd/commit/ef572e3c1feee05f7aafb266c29e566f56ea268a). +* [InspIRCd commit b1f5817](https://github.com/inspircd/inspircd/commit/b1f581787dd29a515a4bc09c2d9a2df5b1c7938e). diff --git a/docs/security/index.md b/docs/security/index.md index 3921af489..e331c0da3 100644 --- a/docs/security/index.md +++ b/docs/security/index.md @@ -4,6 +4,10 @@ title: Security Advisories This page lists all security advisories which have been released for InspIRCd since the start of 2019. +## 2024 + +* [2024-01](/security/2024-01) — Null pointer dereference in the spanningtree module. + ## 2021 * [2021-01](/security/2021-01) — Memory disclosure vulnerability in the core.