commit 6dc5471a758b75e58f3855f086f1e5ba1676d931
from: Alexander Barton <alex@barton.de>
date: Fri Aug 23 21:34:55 2013 UTC

ngIRCd Release 20.3

(cherry picked from commit bb6e2779636aa6d74bbff474880829f0183a3c94)

Conflicts:
	ChangeLog
	NEWS

commit - 309122017ebc6fff039a7cab1b82f632853d82d5
commit + 6dc5471a758b75e58f3855f086f1e5ba1676d931
blob - 9fe53c7a1c0d1a4fcefb695e0c8f25fe45be1211
blob + 1186276b88d21e6d549f432c923f621f04e6567b
--- ChangeLog
+++ ChangeLog
@@ -102,6 +102,13 @@ ngIRCd 21
     and then is used to output individual help texts to specific topics.
     Please see the file ./doc/Commands.txt for details.
 
+ngIRCd 20.3 (2013-08-23)
+
+  - Security: Fix a denial of service bug (server crash) which could happen
+    when the configuration option "NoticeAuth" is enabled (which is NOT the
+    default) and ngIRCd failed to send the "notice auth" messages to new
+    clients connecting to the server (CVE-2013-5580).
+
 ngIRCd 20.2 (2013-02-15)
 
   - Security: Fix a denial of service bug in the function handling KICK
blob - 0b86a43da95cf3ada4974359684c78032ede9c9f
blob + a8dc433e57ffd3d8f84b9df26eafd94e54628b99
--- NEWS
+++ NEWS
@@ -64,6 +64,14 @@ ngIRCd 21
     which is read in and parsed on server startup and configuration reload,
     and then is used to output individual help texts to specific topics.
     Please see the file ./doc/Commands.txt for details.
+
+ngIRCd 20.3 (2013-08-23)
+
+  - This release is a bugfix release only, without new features.
+  - Security: Fix a denial of service bug (server crash) which could happen
+    when the configuration option "NoticeAuth" is enabled (which is NOT the
+    default) and ngIRCd failed to send the "notice auth" messages to new
+    clients connecting to the server (CVE-2013-5580).
 
 ngIRCd 20.2 (2013-02-15)
 
blob - 2e39af03bb82030ea810427f700f846e0e851f83
blob + 396d1d0c8e97704ddfd63630c57d7900d0950d21
--- contrib/Debian/changelog
+++ contrib/Debian/changelog
@@ -1,3 +1,9 @@
+ngircd (20.3-0ab1) unstable; urgency=high
+
+  * New "upstream" release, fixing a security related bug: ngIRCd 20.3.
+
+ -- Alexander Barton <alex@barton.de>  Fri, 23 Aug 2013 21:53:21 +0200
+
 ngircd (20.2-0ab1) unstable; urgency=high
 
   * New "upstream" release, fixing a security related bug: ngIRCd 20.2.
blob - e2448a42c9108d05751665d95f4cbe3450e63b9d
blob + 0469313ac175f6aa1e44db5693542264616f2c79
--- contrib/ngircd.spec
+++ contrib/ngircd.spec
@@ -1,5 +1,5 @@
 %define name    ngircd
-%define version 20.2
+%define version 20.3
 %define release 1
 %define prefix  %{_prefix}