Site icon 지락문화예술공작단

USN-3086-1: Irssi vulnerabilities

USN-3086-1: Irssi vulnerabilities

Ubuntu Security Notice USN-3086-1

21st September, 2016

irssi vulnerabilities

A security issue affects these releases of Ubuntu and its
derivatives:

Summary

Irssi could be made to crash if it received specially crafted network
traffic.

Software description

Details

Gabriel Campana and Adrien Guinet discovered that the format parsing code
in Irssi did not properly verify 24bit color codes. A remote attacker could
use this to cause a denial of service (application crash). (CVE-2016-7044)

Gabriel Campana and Adrien Guinet discovered that a buffer overflow existed
in the format parsing code in Irssi. A remote attacker could use this to
cause a denial of service (application crash). (CVE-2016-7045)

Update instructions

The problem can be corrected by updating your system to the following
package version:

Ubuntu 16.04 LTS:
irssi

0.8.19-1ubuntu1.2

To update your system, please follow these instructions:
https://wiki.ubuntu.com/Security/Upgrades.

After a standard system update you need to restart Irssi to make
all the necessary changes.

References

CVE-2016-7044,

CVE-2016-7045

Source: USN-3086-1: Irssi vulnerabilities

Exit mobile version