Advisories » MGASA-2024-0063

Updated irssi packages fix security vulnerabilities

Publication date: 15 Mar 2024
Modification date: 15 Mar 2024
Type: security
Affected Mageia releases : 9
CVE: CVE-2023-29132

Description

The updated packages fix a security vulnerability:
Irssi 1.3.x and 1.4.x before 1.4.4 has a use-after-free because of use
of a stale special collector reference. This occurs when printing of a
non-formatted line is concurrent with printing of a formatted line.
(CVE-2023-29132)
                

References

• https://bugs.mageia.org/show_bug.cgi?id=31754
• https://irssi.org/security/irssi_sa_2023_03.txt
• https://ubuntu.com/security/notices/USN-6002-1
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29132

SRPMS

9/core

• irssi-1.4.3-1.1.mga9