openSUSE Security Update : irssi (openSUSE-2017-241)

This script is Copyright (C) 2017 Tenable Network Security, Inc.


Synopsis :

The remote openSUSE host is missing a security update.

Description :

The IRC textmode client irssi was updated to version 1.0.1 to fix bugs
and security issues.

irssi 1.0.1 :

- Fix Perl compilation in object dir

- Fix incorrect HELP SERVER example

- Correct memory leak in /OP and /VOICE

- Fix regression that broke second level completion

- Correct missing NULL termination in perl_parse
boo#1023638

- Sync broken mail.pl script

- Prevent a memory leak during the processing of the SASL
response boo#1023637

irssi 1.0.0 :

- irssiproxy can now forward all tags through a single
port.

- The kill buffer now remembers consecutive kills. New
bindings were added: yank_next_cutbuffer and
append_next_kill.

- autolog_ignore_targets and activity_hide_targets learn a
new syntax tag/* and * to ignore whole networks or
everything.

- hilight got a -matchcase flag to hilight case
sensitively.

- Display TLS connection information upon connect. You can
disable this by setting tls_verbose_connect to FALSE

- Certificate pinning for TLS certificates

- /names and $[…] now uses utf8 string operations.

- New setting completion_nicks_match_case

- /channel /server /network now support modify subcommand.

- New option sasl_disconnect_on_failure to disconnect when
SASL log-in failed.

See also :

https://bugzilla.opensuse.org/show_bug.cgi?id=1023637
https://bugzilla.opensuse.org/show_bug.cgi?id=1023638

Solution :

Update the affected irssi packages.

Risk factor :

Medium

Family: SuSE Local Security Checks

Nessus Plugin ID: 97114 ()

Bugtraq ID:

CVE ID:

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now