Update Info


Security update for irssi

Type: security
Severity: moderate
Issued: 2018-01-09
This update for irssi to version 1.0.6 fixes several issues that may affect the stability of irssi:

- CVE-2018-5205: Data access beyond the end of the string when using incomplete escape codes
- CVE-2018-5206: NULL pointer dereference when the channel topic is set without specifying a sender
- CVE-2018-5207: When using an incomplete variable argument, Irssi may access data beyond the end of the string
- CVE-2018-5208: Heap buffer overflow when completing certain strings



  • irssi-1.0.6-36.1