High-impact security bugs:
There was a path traversal bug in ZNC which allowed attackers write access to
any place to which ZNC has write access. The attacker only needed a user
account (with BounceDCCs enabled). Details are in the commit message:
http://znc.svn.sourceforge.net/viewvc/znc?view=rev&sortby=rev&sortdir=down&revision=1570
All ZNC versions since ZNC 0.022 (Initial import in SVN) are affected.
New stuff:
* /msg *status uptime is now accessible to everyone.
* ZNC can now optionally use c-ares for asynchronous DNS resolution.
* The new config option AnonIPLimit limits the number of unidentified connections per IP.
Fixes:
* znc --no-color --makeconf still used some color codes.
* Webadmin favicons were broken since r1481.
* znc.pc was installed to the wrong directory on multilib systems.
* Handle flags such as --allow-root for /msg *status restart.
* Fix channel user mode tracking.
* Fix a possible crash if users are deleted while they are connecting to IRC.
* Limit HTTP POST data to 1 MiB.
* OnStatusCommand() wasn't called for commands executed via /znc.
* On systems where sizeof(off_t) is 4, all ZNC-originated DCCs failed with
"File too large (>4 GiB)".
* ZNC didn't properly verify paths when checking for directory traversal attacks (Low impact).
Minor stuff:
* Minor speed optimizations.
* stickychan now accepts a channel list as module arguments.
* Added a clear command to nickserv.
* Added an execute command to perform.
* Added a swap command to perform.
* fail2ban clears all bans on rehash.
Internal stuff:
* The API for traffic stats changed.
* Some optimizations to CSmartPtr.
* CString now accepts an optional precision for converting floating point numbers.
* Made home dir optional in CDir::ChangeDir().
* EMFILE in CSockets is handled by closing the socket.
Special thanks to cnu and flakes for finding security issues!