Jump to content
Compatible Support Forums
Sign in to follow this  
Followers 0
news

[Security Announce] [ MDVSA-2009:133 ] irssi

By news, in Upcoming News

Recommended Posts

news    28

news
Posted

This is a multi-part message in MIME format...

 

------------=_1245161168-27111-5727

 

 

-----BEGIN PGP SIGNED MESSAGE-----

Hash: SHA1

 

_______________________________________________________________________

 

Mandriva Linux Security Advisory MDVSA-2009:133

http://www.mandriva.com/security/

_______________________________________________________________________

 

Package : irssi

Date : June 16, 2009

Affected: 2008.1, 2009.0, 2009.1, Corporate 3.0

_______________________________________________________________________

 

Problem Description:

 

A vulnerability has been found and corrected in irssi:

 

Off-by-one error in the event_wallops function in

fe-common/irc/fe-events.c in irssi 0.8.13 allows remote IRC servers

to cause a denial of service (crash) via an empty command, which

triggers a one-byte buffer under-read and a one-byte buffer underflow

(CVE-2009-1959).

 

This update provides fixes for this vulnerability.

_______________________________________________________________________

 

References:

 

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1959

_______________________________________________________________________

 

Updated Packages:

 

Mandriva Linux 2008.1:

7666ac4b0ee6be35f6c61c88937b4929 2008.1/i586/irssi-0.8.12-3.1mdv2008.1.i586.rpm

3c9d4ce7992efeeb4902d01cf0904be7 2008.1/i586/irssi-devel-0.8.12-3.1mdv2008.1.i586.rpm

8559da090d172911312f0b3536b414c4 2008.1/i586/irssi-perl-0.8.12-3.1mdv2008.1.i586.rpm

f9b68d781fe6476bc8050c2f00726c41 2008.1/SRPMS/irssi-0.8.12-3.1mdv2008.1.src.rpm

 

Mandriva Linux 2008.1/X86_64:

1b8e64c328e18f452b9b59d489f33941 2008.1/x86_64/irssi-0.8.12-3.1mdv2008.1.x86_64.rpm

1a1da766b58e5318a22e7084e3b196ac 2008.1/x86_64/irssi-devel-0.8.12-3.1mdv2008.1.x86_64.rpm

51adab508e1d513bdb9d7d40b5069a7a 2008.1/x86_64/irssi-perl-0.8.12-3.1mdv2008.1.x86_64.rpm

f9b68d781fe6476bc8050c2f00726c41 2008.1/SRPMS/irssi-0.8.12-3.1mdv2008.1.src.rpm

 

Mandriva Linux 2009.0:

1684a3989ed164409776c89546044780 2009.0/i586/irssi-0.8.12-3.1mdv2009.0.i586.rpm

7671fbe25259b3305889975d52b834c4 2009.0/i586/irssi-devel-0.8.12-3.1mdv2009.0.i586.rpm

13b3f2f3a0aa054db77ad53a447e5fe6 2009.0/i586/irssi-perl-0.8.12-3.1mdv2009.0.i586.rpm

64ec4fbff1686d3fbcab88520f669fa5 2009.0/SRPMS/irssi-0.8.12-3.1mdv2009.0.src.rpm

 

Mandriva Linux 2009.0/X86_64:

77c019b09105e045e98f70748d20f56b 2009.0/x86_64/irssi-0.8.12-3.1mdv2009.0.x86_64.rpm

efd08c666aa1ad1014c40244e69dbf79 2009.0/x86_64/irssi-devel-0.8.12-3.1mdv2009.0.x86_64.rpm

051858b7540f7fa8e3c6c0141cb2d200 2009.0/x86_64/irssi-perl-0.8.12-3.1mdv2009.0.x86_64.rpm

64ec4fbff1686d3fbcab88520f669fa5 2009.0/SRPMS/irssi-0.8.12-3.1mdv2009.0.src.rpm

 

Mandriva Linux 2009.1:

0dbd4c60bcb4baad613c066edc8a9928 2009.1/i586/irssi-0.8.12-4.1mdv2009.1.i586.rpm

90646d0b03a43228cb301d017cc1e516 2009.1/i586/irssi-devel-0.8.12-4.1mdv2009.1.i586.rpm

492d3bb18444d889c26a15fed4bcde71 2009.1/i586/irssi-perl-0.8.12-4.1mdv2009.1.i586.rpm

fb8e4a81570e8af0b02db392c324849e 2009.1/SRPMS/irssi-0.8.12-4.1mdv2009.1.src.rpm

 

Mandriva Linux 2009.1/X86_64:

763e7d2df4275f13bc04c89ebb28e744 2009.1/x86_64/irssi-0.8.12-4.1mdv2009.1.x86_64.rpm

389a2932a04ee531245b2d5398b3959c 2009.1/x86_64/irssi-devel-0.8.12-4.1mdv2009.1.x86_64.rpm

7c278e8ac8e85d1e047cc64179b5196e 2009.1/x86_64/irssi-perl-0.8.12-4.1mdv2009.1.x86_64.rpm

fb8e4a81570e8af0b02db392c324849e 2009.1/SRPMS/irssi-0.8.12-4.1mdv2009.1.src.rpm

 

Corporate 3.0:

2e896fd5f40335522487871773aeb079 corporate/3.0/i586/irssi-0.8.9-2.1.C30mdk.i586.rpm

998b302c79e9e42564588c5a2cde0d92 corporate/3.0/i586/irssi-devel-0.8.9-2.1.C30mdk.i586.rpm

a36c0604ae531ba14108008d346d9b28 corporate/3.0/SRPMS/irssi-0.8.9-2.1.C30mdk.src.rpm

 

Corporate 3.0/X86_64:

bcdeed0d1a345aad7e1ddeacae5dac92 corporate/3.0/x86_64/irssi-0.8.9-2.1.C30mdk.x86_64.rpm

eb21881f04f1308567cdfb355266c8b4 corporate/3.0/x86_64/irssi-devel-0.8.9-2.1.C30mdk.x86_64.rpm

a36c0604ae531ba14108008d346d9b28 corporate/3.0/SRPMS/irssi-0.8.9-2.1.C30mdk.src.rpm

_______________________________________________________________________

 

To upgrade automatically use MandrivaUpdate or urpmi. The verification

of md5 checksums and GPG signatures is performed automatically for you.

 

All packages are signed by Mandriva for security. You can obtain the

GPG public key of the Mandriva Security Team by executing:

 

gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98

 

You can view other update advisories for Mandriva Linux at:

 

http://www.mandriva.com/security/advisories

 

If you want to report vulnerabilities, please contact

 

security_(at)_mandriva.com

_______________________________________________________________________

 

Type Bits/KeyID Date User ID

pub 1024D/22458A98 2000-07-10 Mandriva Security Team

 

-----BEGIN PGP SIGNATURE-----

Version: GnuPG v1.4.9 (GNU/Linux)

 

iD8DBQFKN3m2mqjQ0CJFipgRAsTdAJwPbdOswHmhm5mUn/htoCG0GPOyrwCgr9pu

VHVWemrVNgtvzoBT/KZCOBg=

=DMv8

-----END PGP SIGNATURE-----

 

 

------------=_1245161168-27111-5727

Content-Type: text/plain; name="message-footer.txt"

Content-Disposition: inline; filename="message-footer.txt"

Content-Transfer-Encoding: 8bit

 

To unsubscribe, send a email to sympa ( -at -) mandrivalinux.org

with this subject : unsubscribe security-announce

_______________________________________________________

Want to buy your Pack or Services from Mandriva?

Go to http://www.mandrivastore.com

Join the Club : http://www.mandrivaclub.com

_______________________________________________________

 

------------=_1245161168-27111-5727--

 

 

Share this post

Link to post

Please sign in to comment

You will be able to leave a comment after signing in



Sign In Now
Sign in to follow this  
Followers 0
Go To Topic Listing Upcoming News
×