AVG-616

Package irssi
Status Fixed
Severity High
Type multiple issues
Affected 1.1.0-1
Fixed 1.1.1-1
Current 1.1.2-1 [extra]
Ticket None
Created Thu Feb 15 23:06:40 2018
Issue Severity Remote Type Description
CVE-2018-7054 Low Yes Denial of service
An issue was discovered in Irssi before 1.0.7 and 1.1.x before 1.1.1. There is a use-after-free when a server is disconnected during netsplits.
CVE-2018-7053 High Yes Arbitrary code execution
An issue was discovered in Irssi before 1.0.7 and 1.1.x before 1.1.1. There is a use-after-free when SASL messages are received in an unexpected order.
CVE-2018-7052 Low Yes Denial of service
An issue was discovered in Irssi before 1.0.7 and 1.1.x before 1.1.1. When the number of windows exceeds the available space, a crash due to a NULL pointer...
CVE-2018-7051 Low Yes Denial of service
An issue was discovered in Irssi before 1.0.7 and 1.1.x before 1.1.1. Certain nick names could result in out-of-bounds access when printing theme strings.
CVE-2018-7050 Low Yes Denial of service
An issue was discovered in Irssi before 1.0.7 and 1.1.x before 1.1.1. A NULL pointer dereference occurs for an "empty" nick.
Date Advisory Package Description
15 Feb 2018 ASA-201802-8 irssi multiple issues