{"affected":[{"ecosystem_specific":{"binaries":[{"znc":"1.9.1-bp156.2.3.1","znc-devel":"1.9.1-bp156.2.3.1","znc-lang":"1.9.1-bp156.2.3.1","znc-perl":"1.9.1-bp156.2.3.1","znc-python3":"1.9.1-bp156.2.3.1","znc-tcl":"1.9.1-bp156.2.3.1"}]},"package":{"ecosystem":"SUSE:Package Hub 15 SP6","name":"znc","purl":"pkg:rpm/suse/znc&distro=SUSE%20Package%20Hub%2015%20SP6"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"1.9.1-bp156.2.3.1"}],"type":"ECOSYSTEM"}]},{"ecosystem_specific":{"binaries":[{"znc":"1.9.1-bp156.2.3.1","znc-devel":"1.9.1-bp156.2.3.1","znc-lang":"1.9.1-bp156.2.3.1","znc-perl":"1.9.1-bp156.2.3.1","znc-python3":"1.9.1-bp156.2.3.1","znc-tcl":"1.9.1-bp156.2.3.1"}]},"package":{"ecosystem":"openSUSE:Leap 15.6","name":"znc","purl":"pkg:rpm/opensuse/znc&distro=openSUSE%20Leap%2015.6"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"1.9.1-bp156.2.3.1"}],"type":"ECOSYSTEM"}]}],"aliases":[],"details":"This update for znc fixes the following issues:\n\nUpdate to 1.9.1 (boo#1227393, CVE-2024-39844)\n\n  * This is a security release to fix CVE-2024-39844: remote code\n    execution vulnerability in modtcl.\n    To mitigate this for existing installations, simply unload the\n    modtcl module for every user, if it's loaded. Note that only\n    users with admin rights can load modtcl at all.\n  * Improve tooltips in webadmin.\n","id":"openSUSE-SU-2024:0203-1","modified":"2024-07-17T12:06:08Z","published":"2024-07-17T12:06:08Z","references":[{"type":"ADVISORY","url":"https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/7QQ7R7LSWLXD4TDRUDSD57JQTEXMFSMH/"},{"type":"REPORT","url":"https://bugzilla.suse.com/1227393"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2024-39844"}],"related":["CVE-2024-39844"],"summary":"Security update for znc","upstream":["CVE-2024-39844"]}