Security update for znc
This update for znc fixes the following issues:
Update to 1.9.1 (boo#1227393, CVE-2024-39844)
* This is a security release to fix CVE-2024-39844: remote code
execution vulnerability in modtcl.
To mitigate this for existing installations, simply unload the
modtcl module for every user, if it's loaded. Note that only
users with admin rights can load modtcl at all.
* Improve tooltips in webadmin.
-
Submitted by
Andreas Stieger (AndreasStieger)
Fixed bugs
bnc#1227393
VUL-0: CVE-2024-39844: znc: arbitrary code embedded into the kick reason executed while kicking someone on a channel
