openSUSE-SU-2017:1150-1

Опубликовано: 02 мая 2017

Источник: suse-cvrf

Описание

Security update for weechat

This update for weechat fixes one security issues:

CVE-2017-8073: WeeChat allowed a remote crash by sending a filename via DCC to the IRC plugin. This occurs in the irc_ctcp_dcc_filename_without_quotes function during quote removal, with a buffer overflow (bsc#1036467).

Список пакетов

openSUSE Leap 42.2

weechat-1.5-2.3.1

weechat-aspell-1.5-2.3.1

weechat-devel-1.5-2.3.1

weechat-doc-1.5-2.3.1

weechat-guile-1.5-2.3.1

weechat-lang-1.5-2.3.1

weechat-lua-1.5-2.3.1

weechat-perl-1.5-2.3.1

weechat-python-1.5-2.3.1

weechat-ruby-1.5-2.3.1

weechat-tcl-1.5-2.3.1

Ссылки

https://lists.opensuse.org/opensuse-updates/2017-05/msg00005.html
E-Mail link for openSUSE-SU-2017:1150-1
https://www.suse.com/support/security/rating/
SUSE Security Ratings

Описание

WeeChat before 1.7.1 allows a remote crash by sending a filename via DCC to the IRC plugin. This occurs in the irc_ctcp_dcc_filename_without_quotes function during quote removal, with a buffer overflow.

Затронутые продукты

openSUSE Leap 42.2:weechat-1.5-2.3.1

openSUSE Leap 42.2:weechat-aspell-1.5-2.3.1

openSUSE Leap 42.2:weechat-devel-1.5-2.3.1

openSUSE Leap 42.2:weechat-doc-1.5-2.3.1

Ссылки

https://www.suse.com/security/cve/CVE-2017-8073.html
CVE-2017-8073
https://bugzilla.suse.com/1036467
SUSE Bug 1036467

openSUSE-SU-2017:1150-1

Описание

Список пакетов

openSUSE Leap 42.2

Ссылки

Уязвимость: CVE-2017-8073

Описание

Затронутые продукты

Ссылки