4 issues skipped by the security teams:
- CVE-2018-5206: When the channel topic is set without specifying a sender, Irssi before 1.0.6 may dereference a NULL pointer.
- CVE-2018-5205: When using incomplete escape codes, Irssi before 1.0.6 may access data beyond the end of the string.
- CVE-2018-5207: When using an incomplete variable argument, Irssi before 1.0.6 may access data beyond the end of the string.
- CVE-2018-5208: In Irssi before 1.0.6, a calculation error in the completion code could cause a heap buffer overflow when completing certain strings.