Security update for irssi
irssi was updated to fix four vulnerabilities that could result in denial
of service (remote crash) when connecting to malicious servers or receiving
specially crafted data. (boo#1018357)
- CVE-2017-5193: NULL pointer dereference in the nickcmp function
- CVE-2017-5194: out of bounds read in certain incomplete control codes
- CVE-2017-5195: out of bounds read in certain incomplete character sequences
- CVE-2017-5196: Correct an error when receiving invalid nick message
-
Submitted by
Andreas Stieger (AndreasStieger)
Fixed bugs
bnc#1018357
VUL-1: CVE-2017-5193, CVE-2017-5194, CVE-2017-5195, CVE-2017-5196: irssi: Multiple Vulnerabilities (2017/01) [CWE-690, CWE-146, CWE-126]
