Updated irssi packages fix security vulnerabilities
Publication date: 24 Jul 2017Modification date: 24 Jul 2017
Type: security
Affected Mageia releases : 5 , 6
CVE: CVE-2017-10965 , CVE-2017-10966
Description
A malicious server could cause irssi to crash by providing an invalid timestamp (CVE-2017-10965). Undefined behavior may be triggered when irssi updates the internal nick list (CVE-2017-10966).
References
SRPMS
5/core
- irssi-0.8.21-1.2.mga5
6/core
- irssi-1.0.4-1.mga6