openSUSE-SU-2017:0094-1

See a problem?
Import Source
https://ftp.suse.com/pub/projects/security/osv/openSUSE-SU-2017:0094-1.json
JSON Data
https://api.osv.dev/v1/vulns/openSUSE-SU-2017:0094-1
Related
Published
2017-01-09T16:14:54Z
Modified
2017-01-09T16:14:54Z
Summary
Security update for irssi
Details

irssi was updated to fix four vulnerabilities that could result in denial of service (remote crash) when connecting to malicious servers or receiving specially crafted data. (boo#1018357)

  • CVE-2017-5193: NULL pointer dereference in the nickcmp function
  • CVE-2017-5194: out of bounds read in certain incomplete control codes
  • CVE-2017-5195: out of bounds read in certain incomplete character sequences
  • CVE-2017-5196: Correct an error when receiving invalid nick message
References

Affected packages

SUSE:Package Hub 12 / irssi

Package

Name
irssi
Purl
pkg:rpm/suse/irssi&distro=SUSE%20Package%20Hub%2012

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
0.8.21-12.1

Ecosystem specific

{
    "binaries": [
        {
            "irssi-devel": "0.8.21-12.1",
            "irssi": "0.8.21-12.1"
        }
    ]
}