| Summary: | irssi new security issue CVE-2019-15717 | ||
|---|---|---|---|
| Product: | Mageia | Reporter: | David Walser <luigiwalser> |
| Component: | Security | Assignee: | QA Team <qa-bugs> |
| Status: | RESOLVED FIXED | QA Contact: | Sec team <security> |
| Severity: | normal | ||
| Priority: | Normal | CC: | andrewsfarm, brtians1, jani.valimaa, sysadmin-bugs, tmb |
| Version: | 7 | Keywords: | advisory, validated_update |
| Target Milestone: | --- | ||
| Hardware: | All | ||
| OS: | Linux | ||
| Whiteboard: | MGA7-64-OK | ||
| Source RPM: | irssi-1.2.1-2.mga8.src.rpm | CVE: | |
| Status comment: | Fixed upstream in 1.2.2 | ||
|
Description
David Walser
2019-08-31 03:25:53 CEST
David Walser
2019-08-31 03:26:07 CEST
Status comment:
(none) =>
Fixed upstream in 1.2.2 Updated package uploaded by Jani. Advisory: ======================== Updated irssi packages fix security vulnerability: Irssi 1.2.x before 1.2.2 has a use-after-free if the IRC server sends a double CAP (CVE-2019-15717). References: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15717 https://www.openwall.com/lists/oss-security/2019/08/29/3 ======================== Updated packages in core/updates_testing: ======================== irssi-1.2.2-1.mga7 irssi-devel-1.2.2-1.mga7 irssi-perl-1.2.2-1.mga7 irssi-otr-1.2.2-1.mga7 from irssi-1.2.2-1.mga7.src.rpm Assignee:
jani.valimaa =>
qa-bugs MGA7-64 gnome 14:21 -!- ___ _ 14:21 -!- |_ _|_ _ _____(_) 14:21 -!- | || '_(_-<_-< | 14:21 -!- |___|_| /__/__/_| 14:21 -!- Irssi v1.2.2 - https://irssi.org Participated in the QA meeting and it worked. Whiteboard:
(none) =>
MGA7-64-OK Good enough for me, Brian. Validating. Advisory in Comment 1. Keywords:
(none) =>
validated_update
Thomas Backlund
2019-09-06 18:43:53 CEST
CC:
(none) =>
tmb An update for this issue has been pushed to the Mageia Updates repository. https://advisories.mageia.org/MGASA-2019-0255.html Status:
NEW =>
RESOLVED |