ZNC before 1.7.3-rc1 allows an existing remote user to cause a Denial of Service (crash) via invalid encoding.
lists.opensuse.org/opensuse-security-announce/2019-07/msg00037.html
lists.opensuse.org/opensuse-security-announce/2019-08/msg00018.html
github.com/znc/znc/commit/64613bc8b6b4adf1e32231f9844d99cd512b8973
lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7WTRBTPL7WWKQ7DZ2ALDTCGYUWSE6SL3/
lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WRHCMHI44AW5CJ22WV676BKFUWWCLA7T/
lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZRVSINQHM623GJYYNDSBYSXT2MHKFCYQ/
seclists.org/bugtraq/2019/Jun/23
usn.ubuntu.com/3950-1/
www.debian.org/security/2019/dsa-4463