AVG-293

Package irssi
Status Fixed
Severity Medium
Type denial of service
Affected 1.0.2-2
Fixed 1.0.3-1
Current 1.1.1-1 [extra]
Ticket None
Created Wed Jun 7 13:12:27 2017
Issue Severity Remote Type Description
CVE-2017-9469 Medium Yes Denial of service
In Irssi before 1.0.3, when receiving certain incorrectly quoted DCC files, it tries to find the terminating quote one byte before the allocated memory....
CVE-2017-9468 Medium Yes Denial of service
In Irssi before 1.0.3, when receiving a DCC message without source nick/host, it attempts to dereference a NULL pointer. Thus, remote IRC servers can cause a crash.
Date Advisory Package Description
12 Jun 2017 ASA-201706-11 irssi denial of service
References
https://github.com/irssi/irssi/commit/fb08fc7f1aa6b2e616413d003bf021612301ad55
http://openwall.com/lists/oss-security/2017/06/06/4
https://irssi.org/security/irssi_sa_2017_06.txt