USN-3086-1: Irssi vulnerabilities
USN-3086-1: Irssi vulnerabilities Ubuntu Security Notice USN-3086-1 21st September, 2016 irssi vulnerabilities A security issue affects these releases of Ubuntu and its derivatives: Ubuntu 16.04 LTS Summary Irssi could be made to crash if it received specially crafted network traffic. Software description irssi – terminal based IRC client Details Gabriel Campana and Adrien Guinet discovered that the format parsing codein Irssi did not properly verify 24bit color codes. A remote attacker coulduse this to cause a denial of service (application crash). (CVE-2016-7044) Gabriel Campana and Adrien Guinet discovered that a buffer overflow existedin the format parsing code in Irssi. A remote attacker could use this tocause a denial of service (application crash). (CVE-2016-7045) Update instructions The problem can be corrected by updating your system to the following package version: Ubuntu 16.04 LTS: irssi 0.8.19-1ubuntu1.2 To update your system, please follow [ more… ]