From: Peter Korsgaard <peter@korsgaard.com>
To: buildroot@busybox.net
Subject: [Buildroot] [PATCH] irssi: security bump to version 1.0.5
Date: Thu, 26 Oct 2017 15:17:16 +0200 [thread overview]
Message-ID: <874lqm2gmb.fsf@dell.be.48ers.dk> (raw)
In-Reply-To: <20171023230836.23832-1-peter@korsgaard.com> (Peter Korsgaard's message of "Tue, 24 Oct 2017 01:08:36 +0200")
>>>>> "Peter" == Peter Korsgaard <peter@korsgaard.com> writes:
> Fixes the following security issues:
> (a) When installing themes with unterminated colour formatting
> sequences, Irssi may access data beyond the end of the
> string. (CWE-126) Found by Hanno B?ck.
> CVE-2017-15228 was assigned to this issue.
> (b) While waiting for the channel synchronisation, Irssi may
> incorrectly fail to remove destroyed channels from the query list,
> resulting in use after free conditions when updating the state
> later on. Found by Joseph Bisch. (CWE-416 caused by CWE-672)
> CVE-2017-15227 was assigned to this issue.
> (c) Certain incorrectly formatted DCC CTCP messages could cause NULL
> pointer dereference. Found by Joseph Bisch. This is a separate,
> but similar issue to CVE-2017-9468. (CWE-690)
> CVE-2017-15721 was assigned to this issue.
> (d) Overlong nicks or targets may result in a NULL pointer dereference
> while splitting the message. Found by Joseph Bisch. (CWE-690)
> CVE-2017-15723 was assigned to this issue.
> (e) In certain cases Irssi may fail to verify that a Safe channel ID
> is long enough, causing reads beyond the end of the string. Found
> by Joseph Bisch. (CWE-126)
> CVE-2017-15722 was assigned to this issue.
> For more details, see the advisory:
> https://irssi.org/security/irssi_sa_2017_10.txt
> While we're at it, also add a hash for the license file.
> Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Committed to 2017.02.x, thanks.
--
Bye, Peter Korsgaard
next prev parent reply other threads:[~2017-10-26 13:17 UTC|newest]
Thread overview: 4+ messages / expand[flat|nested] mbox.gz Atom feed top
2017-10-23 23:08 [Buildroot] [PATCH] irssi: security bump to version 1.0.5 Peter Korsgaard
2017-10-25 7:44 ` Peter Korsgaard
2017-10-26 13:17 ` Peter Korsgaard [this message]
2017-10-26 13:20 ` Peter Korsgaard
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=874lqm2gmb.fsf@dell.be.48ers.dk \
--to=peter@korsgaard.com \
--cc=buildroot@busybox.net \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.