Date: Sat, 06 Jan 2018 15:13:38 +0100 From: Ailin Nemui <ailin.nemui@...il.com> To: oss-security@...ts.openwall.com Subject: Irssi 1.0.6: CVE-2018-5206, CVE-2018-5205, CVE-2018-5208, CVE-2018-5207 IRSSI-SA-2018-01 Irssi Security Advisory  ============================================ CVE-2018-5206, CVE-2018-5205, CVE-2018-5208, CVE-2018-5207 Description ----------- Multiple vulnerabilities have been located in Irssi. (a) When the channel topic is set without specifying a sender, Irssi may dereference NULL pointer. Found by Joseph Bisch. (CWE-476) CVE-2018-5206 was assigned to this issue. (b) When using incomplete escape codes, Irssi may access data beyond the end of the string. (CWE-126) Found by Joseph Bisch. CVE-2018-5205 was assigned to this issue. (c) A calculation error in the completion code could cause a heap buffer overflow when completing certain strings. (CWE-126) Found by Joseph Bisch. CVE-2018-5208 was assigned to this issue. (d) When using an incomplete variable argument, Irssi may access data beyond the end of the string. (CWE-126) Found by Joseph Bisch. CVE-2018-5207 was assigned to this issue. Impact ------ May affect the stability of Irssi. Affected versions ----------------- (a,b,c,d) All Irssi versions that we observed. Fixed in -------- Irssi 1.0.6 Recommended action ------------------ Upgrade to Irssi 1.0.6. Irssi 1.0.6 is a maintenance release in the 1.0 series, without any new features. After installing the updated packages, one can issue the /upgrade command to load the new binary. TLS connections will require /reconnect. Mitigating facts ---------------- (a) requires a broken ircd or control over the ircd (b,d) requires user to install malicious or broken files or enter affected commands Patch ----- https://github.com/irssi/irssi/releases/download/1.0.6/irssi-1.0.5_1.0. 6.diff References ----------  https://irssi.org/security/irssi_sa_2018_01.txt
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Powered by Openwall GNU/*/Linux - Powered by OpenVZ