Skip site navigation (1)Skip section navigation (2)
Date:      Sun, 22 Oct 2017 15:11:53 +0000
From:      bugzilla-noreply@freebsd.org
To:        freebsd-ports-bugs@FreeBSD.org
Subject:   [Bug 223169] irc/irssi: Update to 1.0.5 due to CVEs
Message-ID:  <bug-223169-13@https.bugs.freebsd.org/bugzilla/>

next in thread | raw e-mail | index | archive | help
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D223169

            Bug ID: 223169
           Summary: irc/irssi: Update to 1.0.5 due to CVEs
           Product: Ports & Packages
           Version: Latest
          Hardware: Any
                OS: Any
            Status: New
          Severity: Affects Many People
          Priority: ---
         Component: Individual Port(s)
          Assignee: freebsd-ports-bugs@FreeBSD.org
          Reporter: dor.bsd@xm0.uk

Created attachment 187370
  --> https://bugs.freebsd.org/bugzilla/attachment.cgi?id=3D187370&action=
=3Dedit
Update to irssi 1.0.5

This fixes CVEs:
      - CVE-2017-15228
      - CVE-2017-15227
      - CVE-2017-15721
      - CVE-2017-15723
      - CVE-2017-15722

    (a) When installing themes with unterminated colour formatting
        sequences, Irssi may access data beyond the end of the
        string. (CWE-126) Found by Hanno B=C3=B6ck.

        CVE-2017-15228 was assigned to this issue.

    (b) While waiting for the channel synchronisation, Irssi may
        incorrectly fail to remove destroyed channels from the query list,
        resulting in use after free conditions when updating the state
        later on. Found by Joseph Bisch. (CWE-416 caused by CWE-672)

        CVE-2017-15227 was assigned to this issue.

    (c) Certain incorrectly formatted DCC CTCP messages could cause NULL
        pointer dereference. Found by Joseph Bisch. This is a separate,
        but similar issue to CVE-2017-9468. (CWE-690)

        CVE-2017-15721 was assigned to this issue.

    (d) Overlong nicks or targets may result in a NULL pointer dereference
        while splitting the message. Found by Joseph Bisch. (CWE-690)

        CVE-2017-15723 was assigned to this issue.

    (e) In certain cases Irssi may fail to verify that a Safe channel ID
        is long enough, causing reads beyond the end of the string. Found
        by Joseph Bisch. (CWE-126)

        CVE-2017-15722 was assigned to this issue.

    More information can be found in the upstream security advisory at
    https://irssi.org/security/irssi_sa_2017_10.txt

--=20
You are receiving this mail because:
You are the assignee for the bug.=



Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?bug-223169-13>