Overview

File _patchinfo of Package patchinfo.6172

<patchinfo incident="6172">
  <packager>AndreasStieger</packager>
  <issue tracker="bnc" id="1018357">VUL-1: CVE-2017-5193, CVE-2017-5194, CVE-2017-5195, CVE-2017-5196: irssi: Multiple Vulnerabilities (2017/01) [CWE-690, CWE-146, CWE-126]</issue>
  <issue tracker="cve" id="2017-5193"></issue>
  <issue tracker="cve" id="2017-5194"></issue>
  <issue tracker="cve" id="2017-5195"></issue>
  <issue tracker="cve" id="2017-5196"></issue>
  <category>security</category>
  <rating>moderate</rating>
  <summary>Security update for irssi</summary>
  <description>irssi was updated to fix four vulnerabilities that could result in denial 
of service (remote crash) when connecting to malicious servers or receiving
specially crafted data. (boo#1018357)

- CVE-2017-5193: NULL pointer dereference in the nickcmp function
- CVE-2017-5194: out of bounds read in certain incomplete control codes
- CVE-2017-5195: out of bounds read in certain incomplete character sequences 
- CVE-2017-5196: Correct an error when receiving invalid nick message</description>
</patchinfo>
openSUSE Build Service is sponsored by
Places