Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [day] [month] [year] [list]
Date: Sat, 06 Jan 2018 15:13:38 +0100
From: Ailin Nemui <ailin.nemui@...il.com>
To: oss-security@...ts.openwall.com
Subject: Irssi 1.0.6: CVE-2018-5206, CVE-2018-5205, CVE-2018-5208,
 CVE-2018-5207

IRSSI-SA-2018-01 Irssi Security Advisory [1]
============================================
CVE-2018-5206, CVE-2018-5205, CVE-2018-5208, CVE-2018-5207

Description
-----------

Multiple vulnerabilities have been located in Irssi.

(a) When the channel topic is set without specifying a sender, Irssi
    may dereference NULL pointer. Found by Joseph Bisch. (CWE-476)

    CVE-2018-5206 was assigned to this issue.

(b) When using incomplete escape codes, Irssi may access data beyond
    the end of the string. (CWE-126) Found by Joseph Bisch.

    CVE-2018-5205 was assigned to this issue.

(c) A calculation error in the completion code could cause a heap
    buffer overflow when completing certain strings. (CWE-126) Found
    by Joseph Bisch.

    CVE-2018-5208 was assigned to this issue.

(d) When using an incomplete variable argument, Irssi may access data
    beyond the end of the string. (CWE-126) Found by Joseph Bisch.

    CVE-2018-5207 was assigned to this issue.


Impact
------

May affect the stability of Irssi.


Affected versions
-----------------

(a,b,c,d) All Irssi versions that we observed.


Fixed in
--------

Irssi 1.0.6


Recommended action
------------------

Upgrade to Irssi 1.0.6. Irssi 1.0.6 is a maintenance release in the
1.0 series, without any new features.

After installing the updated packages, one can issue the /upgrade
command to load the new binary. TLS connections will require
/reconnect.


Mitigating facts
----------------

(a) requires a broken ircd or control over the ircd

(b,d) requires user to install malicious or broken files or enter
      affected commands


Patch
-----
https://github.com/irssi/irssi/releases/download/1.0.6/irssi-1.0.5_1.0.
6.diff


References
----------

[1] https://irssi.org/security/irssi_sa_2018_01.txt

Powered by blists - more mailing lists

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.