Advisories ยป MGASA-2018-0132

Updated irssi packages fix security vulnerability

Publication date: 22 Feb 2018
Type: security
Affected Mageia releases : 6
CVE: CVE-2018-7050 , CVE-2018-7051 , CVE-2018-7052 , CVE-2018-7053 , CVE-2018-7054

Description

Null pointer dereference when an "empty" nick has been observed by Irssi
(CVE-2018-7050).

Certain nick names could result in out of bounds access when printing theme
strings (CVE-2018-7051).

When the number of windows exceed the available space, Irssi would crash
due to Null pointer dereference (CVE-2018-7052).

Use after free when SASL messages are received in unexpected order
(CVE-2018-7053).

Use after free when server is disconnected during netsplits (CVE-2018-7054).
                

References

SRPMS

6/core