Overview

File _patchinfo of Package patchinfo.7643

<patchinfo incident="7643">
  <packager>ailin_nemui</packager>
  <issue tracker="cve" id="2018-5205"></issue>
  <issue tracker="cve" id="2018-5206"></issue>
  <issue tracker="cve" id="2018-5207"></issue>
  <issue tracker="cve" id="2018-5208"></issue>
  <issue tracker="bnc" id="1074958">VUL-0: irrsi: 1.0.6: CVE-2018-5206, CVE-2018-5205, CVE-2018-5208, CVE-2018-5207</issue>
  <category>security</category>
  <rating>moderate</rating>
  <summary>Security update for irssi</summary>
  <description>This update for irssi to version 1.0.6 fixes several issues that may affect the stability of irssi:

- CVE-2018-5205: Data access beyond the end of the string when using incomplete escape codes
- CVE-2018-5206: NULL pointer dereference when the channel topic is set without specifying a sender
- CVE-2018-5207: When using an incomplete variable argument, Irssi may access data beyond the end of the string
- CVE-2018-5208: Heap buffer overflow when completing certain strings
</description>
</patchinfo>
openSUSE Build Service is sponsored by
Places