Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Date: Wed, 07 Jun 2017 10:18:31 +0200
From: Ailin Nemui <ailin.nemui@...il.com>
To: oss-security@...ts.openwall.com
Subject: Re: CVE-2017-9468, CVE-2017-9469: Irssi Security Advisory 2017/06

On Tue, 2017-06-06 at 23:31 +0200, Ailin Nemui wrote:
> (a) When receiving a DCC message without source nick/host, Irssi would
>     attempt to dereference a NULL pointer. Found by Joseph
>     Bisch. (CWE-690)

      CVE-2017-9468 [2] was assigned to this bug

> (b) When receiving certain incorrectly quoted DCC files, Irssi would
>     try to find the terminating quote one byte before the allocated
>     memory. Found by Joseph Bisch. (CWE-129, CWE-127)

      CVE-2017-9469 [3] was assigned to this bug

[2] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9468
[3] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9469

Powered by blists - more mailing lists

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.