From ${URL} : IRSSI-SA-2017-06 Irssi Security Advisory [1] ============================================ Description ----------- Two vulnerabilities have been located in Irssi. (a) When receiving a DCC message without source nick/host, Irssi would attempt to dereference a NULL pointer. Found by Joseph Bisch. (CWE-690) (b) When receiving certain incorrectly quoted DCC files, Irssi would try to find the terminating quote one byte before the allocated memory. Found by Joseph Bisch. (CWE-129, CWE-127) Impact ------ (a) May result in denial of service (remote crash). (b) May result in denial of service (remote crash), but in practice this seems to be very unlikely unless address sanitizer is enabled. Affected versions ----------------- All Irssi versions that we observed. Fixed in -------- Irssi 1.0.3 Recommended action ------------------ Upgrade to Irssi 1.0.3. Irssi 1.0.3 is a maintenance release in the 1.0 series, without any new features. After installing the updated packages, one can issue the /upgrade command to load the new binary. TLS connections will require /reconnect. Mitigating facts ---------------- (a) requires control over the ircd Patch ----- https://github.com/irssi/irssi/commit/fb08fc7f1aa6b2e616413d003bf021612 301ad55 @maintainer(s): since the fixed package is already in the tree, please let us know if it is ready for the stabilization or not.
Hi! @Security: the package is indeed already in the tree and ready for stabilisation. @Arch teams: please mark stable ASAP net-irc/irssi-1.0.3. Thanks!
To make things happen faster i suggest to populate 'Package list' field.
ia64 stable
amd64 stable
x86 stable
CVE-2017-9469 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-9469): In Irssi before 1.0.3, when receiving certain incorrectly quoted DCC files, it tries to find the terminating quote one byte before the allocated memory. Thus, remote attackers might be able to cause a crash. CVE-2017-9468 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-9468): In Irssi before 1.0.3, when receiving a DCC message without source nick/host, it attempts to dereference a NULL pointer. Thus, remote IRC servers can cause a crash.
Stable on alpha.
ppc stable
ppc64 stable
arm stable
sparc stable