[3.9] irssi: Use after free when sending SASL login to the server (CVE-2019-13045)
Irssi before 1.0.8, 1.1.x before 1.1.3, and 1.2.x before 1.2.1, when
SASL is enabled,
has a use after free when sending SASL login to the server.
Fixed In Version:
Irssi 1.0.8, 1.1.3, 1.2.1
References:
https://irssi.org/security/irssi\_sa\_2019\_06.txt
https://www.openwall.com/lists/oss-security/2019/06/29/1
(from redmine: issue id 10656, created on 2019-07-04, closed on 2019-07-04)
- Relations:
- parent #10653 (closed)
- Changesets:
- Revision 3dc163ee by Natanael Copa on 2019-07-04T10:40:39Z:
main/irssi: security upgrade to 1.1.3 (CVE-2019-13045)
fixes #10656