Overview

File _patchinfo of Package patchinfo.1106

<patchinfo>
  <issue id="790217" tracker="bnc">weechat: hook_process script function vulnerable to shell injection</issue>
  <issue id="789146" tracker="bnc">weechat: heap-based buffer overflow in Weechat below 0.3.9.1</issue>
  <issue id="CVE-2012-5534" tracker="cve" />
  <issue id="CVE-2012-5854" tracker="cve" />
  <category>security</category>
  <rating>moderate</rating>
  <packager>gberh</packager>
  <description>
- added weechat-fix-hook_process-shell-injection.patch which fixes
  a shell injection vulnerability in the hook_process function
  (bnc#790217, CVE-2012-5534)
- added weechat-fix-buffer-overflow-in-irc-color-decoding.patch
  which fixes a heap-based overflow when decoding IRC colors in
  strings (bnc#789146, CVE-2012-5854)
</description>
  <summary>security update for weechat</summary>
</patchinfo>
openSUSE Build Service is sponsored by
Places