AVG-293 log
| Package | irssi |
| Status | Fixed |
| Severity | Medium |
| Type | denial of service |
| Affected | 1.0.2-2 |
| Fixed | 1.0.3-1 |
| Current | 1.4.5-5 [extra] |
| Ticket | None |
| Created | Wed Jun 7 13:12:27 2017 |
| Issue | Severity | Remote | Type | Description |
|---|---|---|---|---|
| CVE-2017-9469 | Medium | Yes | Denial of service | In Irssi before 1.0.3, when receiving certain incorrectly quoted DCC files, it tries to find the terminating quote one byte before the allocated memory.... |
| CVE-2017-9468 | Medium | Yes | Denial of service | In Irssi before 1.0.3, when receiving a DCC message without source nick/host, it attempts to dereference a NULL pointer. Thus, remote IRC servers can cause a crash. |
| Date | Advisory | Package | Type |
|---|---|---|---|
| 12 Jun 2017 | ASA-201706-11 | irssi | denial of service |
| References |
|---|
https://github.com/irssi/irssi/commit/fb08fc7f1aa6b2e616413d003bf021612301ad55 http://openwall.com/lists/oss-security/2017/06/06/4 https://irssi.org/security/irssi_sa_2017_06.txt |