Overview
Security update for irssi

The IRC client irssi was updated to 0.8.20, fixing various bugs and security issues.

* CVE-2016-7044: The unformat_24bit_color function in the format parsing
code in Irssi, when compiled with true-color enabled, allowed remote
attackers to cause a denial of service (heap corruption and crash)
via an incomplete 24bit color code.
* CVE-2016-7045: The format_send_to_gui function in the format parsing
code in Irssi allowed remote attackers to cause a denial of service
(heap corruption and crash) via vectors involving the length of a string.

See https://irssi.org/security/irssi_sa_2016.txt for more details.

* CVE-2016-7553: A information disclosure vulnerability in irssi buf.pl

See https://irssi.org/2016/09/22/buf.pl-update/ for more information.

Fixed bugs
CVE-2016-7044
CVE-2016-7553
CVE-2016-7045
bnc#999199
VUL-0: CVE-2016-7044, CVE-2016-7045: irssi: heap corruption and missing boundary checks
bnc#1001215
VUL-1: CVE-2016-7553: irssi: Information disclosure in buf.pl
Selected Binaries
openSUSE Build Service is sponsored by
Places