Debian Package Tracker

From: Salvatore Bonaccorso <carnil@debian.org>
To: <debian-changes@lists.debian.org>
Subject: Accepted irssi 1.0.2-1+deb9u3 (source) into proposed-updates->stable-new, proposed-updates
Date: Sun, 12 Nov 2017 15:33:02 +0000
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Wed, 01 Nov 2017 23:00:22 +0100
Source: irssi
Binary: irssi irssi-dev
Architecture: source
Version: 1.0.2-1+deb9u3
Distribution: stretch-security
Urgency: high
Maintainer: Rhonda D'Vine <rhonda@debian.org>
Changed-By: Salvatore Bonaccorso <carnil@debian.org>
Closes: 879521
Description: 
 irssi      - terminal based IRC client
 irssi-dev  - terminal based IRC client - development files
Changes:
 irssi (1.0.2-1+deb9u3) stretch-security; urgency=high
 .
   * Non-maintainer upload by the Security Team.
   * Address IRSSI-SA-2017-10.
     - CVE-2017-15228: Unterminated colour formatting sequences may cause
       data access beyond the end of the buffer.
     - CVE-2017-15227: Failure to remove destroyed channels from
       the query list while waiting for the channel synchronisation
       may result in use after free conditions when updating the
       state later on.
     - CVE-2017-15721: Certain incorrectly formatted DCC CTCP messages
       could cause NULL pointer dereference.
     - CVE-2017-15723: Overlong nicks or targets may result in a NULL
       pointer dereference while splitting the message.
     - CVE-2017-15722: Read beyond end of buffer may occur if a Safe
       channel ID is not long enough.
     (Closes: #879521)
Checksums-Sha1: 
 8c2eaba7e87cc4e998b73e0d7f8b6943a07478a0 2093 irssi_1.0.2-1+deb9u3.dsc
 9e6660d6f8eb105cd84fc51e0467f46b799583bd 23200 irssi_1.0.2-1+deb9u3.debian.tar.xz
Checksums-Sha256: 
 879138ebd05e9e853357979b7791c43ae76586686e6de8d870b7a8ab1f4ea50a 2093 irssi_1.0.2-1+deb9u3.dsc
 f7a205277275b7ac03d7a05743ee8df841955c8287802c0b2f38d321b4cc0dc5 23200 irssi_1.0.2-1+deb9u3.debian.tar.xz
Files: 
 8874e4e0bdbd1dc82b2cf12289d5d0ab 2093 net optional irssi_1.0.2-1+deb9u3.dsc
 113bb55eb6aeaaf879032cb4c8c7f7dc 23200 net optional irssi_1.0.2-1+deb9u3.debian.tar.xz

-----BEGIN PGP SIGNATURE-----

iQKmBAEBCgCQFiEERkRAmAjBceBVMd3uBUy48xNDz0QFAln6RRpfFIAAAAAALgAo
aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDQ2
NDQ0MDk4MDhDMTcxRTA1NTMxRERFRTA1NENCOEYzMTM0M0NGNDQSHGNhcm5pbEBk
ZWJpYW4ub3JnAAoJEAVMuPMTQ89ELIwP/3tGeLtprSCeaXwFGp3pSJbEQdtW8B8k
/XaIhmNbMx0fXoLQkp9fv6O/4KFCYEtK94L/p4xIGW1PNkXIpor9S2KUIJSFGZmS
0qvB3A97/y6qWorJI2yFJAA0Derg5tuohZg3fGEA9g38/b5t2wzGNSEHzVW0WiPp
v9fGGDkW00uG76v1VuQ5dVz7pseLxqvIJnW8GWO5ZsKRMCSRC2G+Sy6/MbRvbxq3
R73mCjyfRGT6TMcvnnPb9mJx4x+nnT47FDi3yuGVUWgVu0TAE1uhGWXsNx8M+PIr
DTXpAQGPgd8iAbbVVJO0Mkfe9PhT1hnfYKUzdCBu1rhubl/en/f3hpuXG7xRCHNp
6Pp265SNgzgTclYFIA89+daMBxHXWf+I9AQA7wDNMydnoM+2EYYdTjyA6dhXcn15
M7cgbeByZW0KtB3O5SOhyYhGiIeTPForW3psDbsiaJo9IiD6MzJQieJz/1S5pDTw
tqy0Us8yhCBhOF7DX5RzIVyWB/gN4us32eViVk2bs4hg1j336LIKa1FoqsDS2RUr
dajAWPQ60UmRvUe8Nmnr+VxvTCvb3iFVEhjY1hKSwM9e90rD9mR2zhomJMAAaVVK
MgpFghBtt1QssIKHC00mxd0nVGBXaknMzKhayXvM8BAcOOdJoe2w30nT1fegM02+
BnZq06AGHTGQ
=6Wv0
-----END PGP SIGNATURE-----
News for package irssi
