Overview

File _patchinfo of Package patchinfo.15

<patchinfo incident="15">
  <packager>wrosenauer</packager>
  <issue tracker="bnc" id="789146">weechat: heap-based buffer overflow fixed</issue>
  <issue tracker="cve" id="CVE-2012-5854"></issue>
  <issue id="790217" tracker="bnc">weechat: hook_process script function vulnerable to shell injection</issue>
  <issue id="CVE-2012-5534" tracker="cve" />
  <category>security</category>
  <rating>important</rating>
  <summary>security update for weechat</summary>
  <description>
- added weechat-fix-hook_process-shell-injection.patch which fixes
  a shell injection vulnerability in the hook_process function
  (bnc#790217, CVE-2012-5534)
- added weechat-fix-buffer-overflow-in-irc-color-decoding.patch
  which fixes a heap-based overflow when decoding IRC colors in
  strings (bnc#789146, CVE-2012-5854)
</description>
</patchinfo>
openSUSE Build Service is sponsored by
Places