Project

General

Profile

Bug #7393

irssi: Multiple vulnerabilities (CVE-2017-9468, CVE-2017-9469)

Added by Alicha CH almost 2 years ago. Updated almost 2 years ago.

Status:
Closed
Priority:
Normal
Assignee:
-
Category:
Security
Target version:
-
Start date:
06/07/2017
Due date:
% Done:

100%

Estimated time:
(Total: 0.00 h)
Affected versions:
Security IDs:

Description

CVE-2017-9468: When receiving a DCC message without source nick/host, Irssi would
attempt to dereference a NULL pointer.

Fixed in:

Irssi 1.0.3

Reference:

https://irssi.org/security/irssi_sa_2017_06.txt

Patch

https://github.com/irssi/irssi/commit/fb08fc7f1aa6b2e616413d003bf021612301ad55

CVE-2017-9469: When receiving certain incorrectly quoted DCC files, Irssi would
try to find the terminating quote one byte before the allocated memory.

Fixed in:

Irssi 1.0.3

Reference:

https://irssi.org/security/irssi_sa_2017_06.txt

Patch

https://github.com/irssi/irssi/commit/fb08fc7f1aa6b2e616413d003bf021612301ad55


Subtasks

Bug #7394: [3.7] irssi: Multiple vulnerabilities (CVE-2017-9468, CVE-2017-9469)ClosedNatanael Copa

Bug #7395: [3.6] irssi: Multiple vulnerabilities (CVE-2017-9468, CVE-2017-9469)ClosedNatanael Copa

Bug #7396: [3.5] irssi: Multiple vulnerabilities (CVE-2017-9468, CVE-2017-9469)ClosedNatanael Copa

Bug #7397: [3.4] irssi: Multiple vulnerabilities (CVE-2017-9468, CVE-2017-9469)ClosedNatanael Copa

Bug #7398: [3.3] irssi: Multiple vulnerabilities (CVE-2017-9468, CVE-2017-9469)ClosedNatanael Copa

History

#1 Updated by Leonardo Arena almost 2 years ago

  • Status changed from New to Resolved

#2 Updated by Alicha CH almost 2 years ago

  • Project changed from Alpine Security to Alpine Linux
  • Category set to Security
  • Status changed from Resolved to Closed

Also available in: Atom PDF