Mageia Advisory: MGASA-2017-0185 - Updated irssi packages fix security vulnerabilities

Updated irssi packages fix security vulnerabilities

Publication date: 26 Jun 2017
Modification date: 26 Jun 2017
Type: security
Affected Mageia releases : 5
CVE: CVE-2017-9468 , CVE-2017-9469

Description

It was discovered that Irssi incorrectly handled certain DCC messages.
A malicious IRC server could use this issue to cause Irssi to crash,
resulting in a denial of service (CVE-2017-9468).

Joseph Bisch discovered that Irssi incorrectly handled receiving
incorrectly quoted DCC files. A remote attacker could possibly use this
issue to cause Irssi to crash, resulting in a denial of service
(CVE-2017-9469).

References

https://bugs.mageia.org/show_bug.cgi?id=21037
https://www.ubuntu.com/usn/usn-3317-1/
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9468
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9469

SRPMS

5/core

irssi-0.8.21-1.1.mga5

Advisories » MGASA-2017-0185

Updated irssi packages fix security vulnerabilities

Description

References

SRPMS

5/core