openSUSE has issued an advisory today (February 27): https://lists.opensuse.org/opensuse-updates/2020-02/msg00095.html The upstream commit that fixes the issue is linked from the SUSE bug: https://bugzilla.suse.com/show_bug.cgi?id=1163889 Mageia 7 is also affected.
Whiteboard: (none) => MGA7TOOStatus comment: (none) => Patch available from upstream
Assigning to Stig who has done the recent updates for this.
Assignee: bugsquad => smelror
Weechat 2.7.1 has been pushed to Cauldron.
Advisory ======== Weechat has been updated to include a security fix. CVE-2020-8955: irc_mode_channel_update in plugins/irc/irc-mode.c in WeeChat through 2.7 allows remote attackers to cause a denial of service (buffer overflow and application crash) or possibly have unspecified other impact via a malformed IRC message 324 (channel mode). References ========== https://nvd.nist.gov/vuln/detail/CVE-2020-8955 https://lists.opensuse.org/opensuse-updates/2020-02/msg00095.html Files ===== Uploaded to core/updates_testing weechat-2.4-2.1.mga7 weechat-perl-2.4-2.1.mga7 weechat-python-2.4-2.1.mga7 weechat-guile-2.4-2.1.mga7 weechat-tcl-2.4-2.1.mga7 weechat-ruby-2.4-2.1.mga7 weechat-lua-2.4-2.1.mga7 weechat-charset-2.4-2.1.mga7 weechat-aspell-2.4-2.1.mga7 weechat-devel-2.4-2.1.mga7 from weechat-2.4-2.1.mga7.src.rpm
Source RPM: weechat-2.7-2.mga8.src.rpm => weechat-2.4-2.mga7.src.rpmAssignee: smelror => qa-bugsCVE: (none) => CVE-2020-8955Version: Cauldron => 7Whiteboard: MGA7TOO => (none)
MGA7-64 Plasma on Lenovo B50 No installation issues Ref bug21802 Comment 4 and info in https://weechat.org/files/doc/stable/weechat_quickstart.en.html I can connect to the #mageia-qa channel and post two lines. Nobody there to answer, so OK as far as I could.
Whiteboard: (none) => MGA7-64-OKCC: (none) => herman.viaene
Validating. Advisory in Comment 3.
CC: (none) => andrewsfarm, sysadmin-bugsKeywords: (none) => validated_update
CC: (none) => tmbKeywords: (none) => advisory
An update for this issue has been pushed to the Mageia Updates repository. https://advisories.mageia.org/MGASA-2020-0122.html
Status: NEW => RESOLVEDResolution: (none) => FIXED