Debian Package Tracker

From: Salvatore Bonaccorso <carnil@debian.org>
To: <debian-changes@lists.debian.org>
Subject: Accepted irssi 0.8.17-1+deb8u5 (source) into oldstable-proposed-updates->oldstable-new, oldstable-proposed-updates
Date: Sat, 18 Nov 2017 22:18:55 +0000
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Wed, 01 Nov 2017 22:57:01 +0100
Source: irssi
Binary: irssi irssi-dbg irssi-dev
Architecture: source
Version: 0.8.17-1+deb8u5
Distribution: jessie-security
Urgency: high
Maintainer: Rhonda D'Vine <rhonda@debian.org>
Changed-By: Salvatore Bonaccorso <carnil@debian.org>
Closes: 867598 879521
Description: 
 irssi      - terminal based IRC client
 irssi-dbg  - terminal based IRC client (debugging symbols)
 irssi-dev  - terminal based IRC client - development files
Changes:
 irssi (0.8.17-1+deb8u5) jessie-security; urgency=high
 .
   * Non-maintainer upload by the Security Team.
   * Address IRSSI-SA-2017-07.
     - CVE-2017-10965: NULL pointer dereference when receiving messages
       with invalid timestamp.
     - CVE-2017-10966: Use after free after nicklist structure has been
       corrupted while updating a nick group.
     (Closes: #867598)
   * Address IRSSI-SA-2017-10.
     - CVE-2017-15228: Unterminated colour formatting sequences may cause
       data access beyond the end of the buffer.
     - CVE-2017-15227: Failure to remove destroyed channels from
       the query list while waiting for the channel synchronisation
       may result in use after free conditions when updating the
       state later on.
     - CVE-2017-15721: Certain incorrectly formatted DCC CTCP messages
       could cause NULL pointer dereference.
     - CVE-2017-15723: Overlong nicks or targets may result in a NULL
       pointer dereference while splitting the message.
     - CVE-2017-15722: Read beyond end of buffer may occur if a Safe
       channel ID is not long enough.
     (Closes: #879521)
Checksums-Sha1: 
 bcad573eb51b1e0b2c2267bcf21e40debf9a8160 2151 irssi_0.8.17-1+deb8u5.dsc
 cf97bb384b3f36703329ac1612c4f2dc182a1bdd 27372 irssi_0.8.17-1+deb8u5.diff.gz
Checksums-Sha256: 
 bc97705385b66c97397177bbb191a7313f09ec349206b3e30d82c9d6bf7c1c93 2151 irssi_0.8.17-1+deb8u5.dsc
 d92970a38877b64ea2364aae5b56befd439dab6bf243b63c4e39584775e79702 27372 irssi_0.8.17-1+deb8u5.diff.gz
Files: 
 91f8508a09a6ed850f85718568dd1e59 2151 net optional irssi_0.8.17-1+deb8u5.dsc
 ee65eea42cc98a7be56586f99dabea0a 27372 net optional irssi_0.8.17-1+deb8u5.diff.gz

-----BEGIN PGP SIGNATURE-----

iQKmBAEBCgCQFiEERkRAmAjBceBVMd3uBUy48xNDz0QFAln6RC1fFIAAAAAALgAo
aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDQ2
NDQ0MDk4MDhDMTcxRTA1NTMxRERFRTA1NENCOEYzMTM0M0NGNDQSHGNhcm5pbEBk
ZWJpYW4ub3JnAAoJEAVMuPMTQ89EnhkP/1eoyv7BG6z+s8VuoLl/P1+q3acSAQ9O
9r1naateTXcpxDADxxZeName66IrTY+oKKYWOohuaScebVa3Lzm+PdtcFDCUZYJW
OuDZL3qcBwO7ti0sKxfX8+vf8j6XKDnUjsFiTEueYDsXkf2wKhwKbzj57k/KHoi3
j7wp+aM89u5JqXQf8S3nGKVUdLB6MaZz7wDYJO0tdEKBlEn+Og6f850ykx7D23S9
63AfJtLXgGxc5e+pDO3qhWnSNZRvRb78AB1ID3c+eHIVxi1GbTPCPk+JEawsqPr6
ZwEP9oIYls2r8ODls9GADHAxuOUoXDuGUArL1EZKgwQSkJNEqlCntY4bje3nGCEx
XWYGUhuJwgsyt8RdBiLry7mRES2GbqGOAGf+blTE8TcStNac7slylUcbezCnB45H
CtFt3gYClIt9qr1a9KJgrywwVSS1ZiJ4JlDA34wuBOZBIyNxa9ZFXkq54ntAsNVT
f8eBdM5v1MVxjw5kVbO+S2KqowNByXzJwNU8dZS42hX1NOcHp9stk17ufKsj/mBA
p1TAp6wUGgRgT9M5M8p89etg2YxevmfqGKjzfUCbNvRm60BT6FLko+CuJHHis+fT
w8u0qajYaiIgOOEyNK2psCD93QIT9BZQ+BeXwoiHK503+AtcUjOhn0FENyX6aCIo
r1FoUT2XPZr2
=iaIQ
-----END PGP SIGNATURE-----
News for package irssi
