Project

General

Profile

Bug #6691

Bug #6690: irssi: Multiple vulnerabilities (CVE-2017-5193, CVE-2017-5194, CVE-2017-5356, CVE-2017-5195, CVE-2017-5196)

[3.5] irssi: Multiple vulnerabilities (CVE-2017-5193, CVE-2017-5194, CVE-2017-5356, CVE-2017-5195, CVE-2017-5196)

Added by Alicha CH about 2 years ago. Updated about 2 years ago.

Status:
Closed
Priority:
Normal
Assignee:
-
Category:
Security
Target version:
Start date:
01/16/2017
Due date:
% Done:

100%

Estimated time:
Affected versions:
Security IDs:

Description

CVE-2017-5193: A NULL pointer dereference in the nickcmp function.

CVE-2017-5194: Use after free when receiving invalid nick message.

CVE-2017-5356: Out of bounds read when Printing the value.

CVE-2017-5195: Out of bounds read in certain incomplete control codes.

CVE-2017-5196: Out of bounds read in certain incomplete character sequences.

Fixed In Version:

irssi 0.8.21, irssi 1.0.0

References:

https://irssi.org/security/irssi_sa_2017_01.txt
http://seclists.org/oss-sec/2017/q1/26

Associated revisions

Revision 72b8702d (diff)
Added by Sergei Lukin about 2 years ago

main/irssi: security upgrade to 0.8.21 - fixes #6691

CVE-2017-5193: A NULL pointer dereference in the nickcmp function.
CVE-2017-5194: Use after free when receiving invalid nick message.
CVE-2017-5356: Out of bounds read when Printing the value.
CVE-2017-5195: Out of bounds read in certain incomplete control codes.
CVE-2017-5196: Out of bounds read in certain incomplete character sequences.

History

#1 Updated by Sergei Lukin about 2 years ago

  • Status changed from New to Resolved
  • % Done changed from 0 to 100

#2 Updated by Alicha CH about 2 years ago

  • Category set to Security
  • Status changed from Resolved to Closed

Also available in: Atom PDF