openSUSE Security Update : irssi (openSUSE-2017-67)
Medium Nessus Plugin ID 96385
SynopsisThe remote openSUSE host is missing a security update.
Descriptionirssi was updated to fix four vulnerabilities that could result in denial of service (remote crash) when connecting to malicious servers or receiving specially crafted data. (boo#1018357)
- CVE-2017-5193: NULL pointer dereference in the nickcmp function
- CVE-2017-5194: out of bounds read in certain incomplete control codes
- CVE-2017-5195: out of bounds read in certain incomplete character sequences
- CVE-2017-5196: Correct an error when receiving invalid nick message
SolutionUpdate the affected irssi packages.