Bug 612678 (CVE-2017-7191) - <net-irc/irssi-1.0.2: use after free condition during netjoin processing (CVE-2017-7191)
Status: RESOLVED FIXED
Alias: CVE-2017-7191
Product: Gentoo Security
Classification: Unclassified
Component: Vulnerabilities
Hardware: All Linux
Importance: Normal trivial
Assignee: Gentoo Security
URL: https://irssi.org/2017/03/11/irssi-1....
Whiteboard: ~3 [noglsa/cve]
Reported: 2017-03-15 06:42 UTC by Jeroen Roovers (RETIRED)
Modified: 2017-03-24 07:23 UTC
Package list:
=net-irc/irssi-1.0.2
Runtime testing required: ---


Description Jeroen Roovers (RETIRED) gentoo-dev 2017-03-15 06:42:32 UTC
[URL] says:
"""
This release fixes a remote crash issue in Irssi 1.0
"""

Not sure what that is as the release notes do not mention it as such:

https://github.com/irssi/irssi/releases/tag/1.0.2

"""
v1.0.2 2017-03-10  The Irssi team <staff@irssi.org>
	- Prevent some null-pointer crashes (GL!9).
	- Fix compilation with OpenSSL 1.1.0 (#628, #597).
	- Correct dereferencing of already freed server objects during
	  output of netjoins. Found by APic (GL!10, GL#7).
	- Fix in command arg parser to detect missing arguments in tail place
	  (#652, #651).
	- Fix regression that broke incoming DCC file transfers (#667, #656).
	- Fix issue with escaping \ in evaluated strings (#669, #520).
"""
Comment 1 Patrice Clement gentoo-dev 2017-03-15 10:23:04 UTC
commit d81b2136e02c140838ca99374c9a06f375f2c9c2 (HEAD -> master, origin/master, origin/HEAD)
Author:     Patrice Clement <monsieurp@gentoo.org>
AuthorDate: Wed Mar 15 10:49:45 2017 +0100
Commit:     Patrice Clement <monsieurp@gentoo.org>
CommitDate: Wed Mar 15 11:22:13 2017 +0100

net-irc/irssi: version bump.

Gentoo-Bug: https://bugs.gentoo.org/612678

Package-Manager: Portage-2.3.3, Repoman-2.3.1

net-irc/irssi/Manifest           |  1 +
net-irc/irssi/irssi-1.0.2.ebuild | 60 ++++++++++++++++++++++++++++++++++++++++
2 files changed, 61 insertions(+)
create mode 100644 net-irc/irssi/irssi-1.0.2.ebuild
Comment 2 Agostino Sarubbo gentoo-dev 2017-03-17 11:55:41 UTC
Can it be stabilized? If yes, please CC arches
Comment 3 Jeroen Roovers (RETIRED) gentoo-dev 2017-03-17 15:11:41 UTC
(In reply to Agostino Sarubbo from comment #2)
> Can it be stabilized? If yes, please CC arches

Quoting the advisory[1] referred to by the URL:

"""
Affected versions
-----------------

Irssi up to and including 1.0.1

We believe Irssi 0.8.21 and prior are not affected since a different
code path causes the netjoins to be flushed prior to reaching the use
after free condition.
"""

[1] https://irssi.org/security/irssi_sa_2017_03.txt
Comment 4 Thomas Deutschmann (RETIRED) gentoo-dev 2017-03-18 12:52:10 UTC
Like Jeroen pointed out in comment #3, upstream doesn't believe v0.8.21 was affected. Therefore we are done, repository is clean.