Change logs for irssi source package in Cosmic
-
irssi (1.1.1-1ubuntu1.2) cosmic-security; urgency=medium * SECURITY UPDATE: User after free - debian/patches/CVE-2019-13045.patch: copy sasl username and password values in src/irc/core/irc-core.c, src/irc/core/irc-servers-reconnect.c, src/irc/core/irc-servers-setup.c. - CVE-2019-13045 -- <email address hidden> (Leonidas S. Barbosa) Tue, 02 Jul 2019 10:57:48 -0300
-
irssi (1.1.1-1ubuntu1.1) cosmic-security; urgency=medium * SECURITY UPDATE: Use after free - debian/patches/CVE-2019-5882.patch: fix in src/fe-text/textbuffer-view.c. - CVE-2019-5882 -- <email address hidden> (Leonidas S. Barbosa) Wed, 16 Jan 2019 09:06:18 -0300
-
irssi (1.1.1-1ubuntu1) devel; urgency=medium * Merge from Debian. Remaining changes: - Refresh and re-enabled 20fix_ssl_proxy_hostname_check. - When we have a proxy setting, we expect the CN to match the proxy hostname, not the server hostname. - d/p/03firsttimer_text: + Adapt 03firsttimer_text so it tells you about connecting to freenode and joining #ubuntu. * Changes no longer needed: - d/p/90irc-ubuntu-com: + irc.ubuntu.com was a CNAME to irc.freenode.net, but this prevents us from recommending and verifying TLS connections. (LP: #1456778) irssi (1.1.1-1) unstable; urgency=medium [ Rhonda D'Vine ] * New upstream release. * Uploaded from mIRC. * Adjust 03firsttimer_text patch for new location of the text. * Update copyright format URL to use https. * Install example scripts. * Bump Standards-Version to 4.1.4. * Move repository to salsa, update Vcs-* URLs. [ Unit 193 ] * Use https for upstream homepage. * /connect OFTC instead of irc.debian.org to get an ssl connection. -- Unit 193 <email address hidden> Fri, 27 Jul 2018 07:01:51 -0400
-
irssi (1.0.7-1ubuntu1) cosmic; urgency=medium * Merge from Debian (LP: #1754781). Remaining changes: - Refresh and re-enabled 20fix_ssl_proxy_hostname_check. - When we have a proxy setting, we expect the CN to match the proxy hostname, not the server hostname. - d/p/90irc-ubuntu-com: + Add the Ubuntu network with irc.ubuntu.com as the server, which is currently a CNAME for chat.freenode.net. - d/p/03firsttimer_text: + Adapt 03firsttimer_text so it tells you about connecting to Ubuntu and joining #ubuntu. * Changes no longer needed: - d/p/CVE-2018-xxxx.patch: Applied upstream. irssi (1.0.7-1) unstable; urgency=high * New upstream bugfix release (closes: #886475): From 1.0.6: - Fix invalid memory access when reading hilight configuration (#787, #788). - Fix null pointer dereference when the channel topic is set without specifying a sender [CVE-2018-5206] - Fix return of random memory when using incomplete escape codes [CVE-2018-5205] - Fix heap buffer overflow when completing certain strings [CVE-2018-5208] - Fix return of random memory when using an incomplete variable argument [CVE-2018-5207] From 1.0.7: - Prevent use after free error during the execution of some commands. Found by Joseph Bisch [CVE-2018-7054] (closes: #890674) - Revert netsplit print optimisation due to crashes - Fix use after free when SASL messages are received in unexpected order [CVE-2018-7053] (closes: #890675) - Fix null pointer dereference in the tab completion when an empty nick is joined [CVE-2018-7050] (closes: #890678) - Fix use after free when entering oper password - Fix null pointer dereference when too many windows are opened [CVE-2018-7052] (closes: #890676) - Fix out of bounds access in theme strings when the last escape is incomplete. Credit to Oss-Fuzz [CVE-2018-7051] (closes: #890677) - Fix out of bounds write when using negative counts on window resize - Minor help correction. By William Jackson * Fix watch URL. * Bump to debhelper compat 11, remove autotools-dev Build-Depends. * Bump Standards-Version to 4.1.3. * Add lintian overrides for the spelling of "hilight" in the changelog mentioning the lintian overrides for the spelling of "hilight" in irssi itself. -- Unit 193 <email address hidden> Fri, 09 Mar 2018 17:54:53 -0500
-
irssi (1.0.5-1ubuntu5) cosmic; urgency=medium * No-change rebuild for ncurses soname changes. -- Matthias Klose <email address hidden> Thu, 03 May 2018 14:16:07 +0000
-
irssi (1.0.5-1ubuntu4) bionic; urgency=medium * SECURITY UPDATE: Null pointer dereference - debian/patches/CVE-2018-7050.patch: check if nick is Null in src/fe-common/core/chat-completion.c. - CVE-2018-7050 * SECURITY UPDATE: Certain nick names result in out-of-bounds access - debian/patches/CVE-2018-7051.patch: don't read beyond end of escaped string in src/fe-common/core/themes.c. - CVE-2018-7051 * SECURITY UPDATE: Null pointer dereference - debian/patches/CVE-2018-7052.patch: check if window parent is Null in src/fe-text/mainwindows.c. - CVE-2018-7052 * SECURITY UPDATE: use-after-free - debian/patches/CVE-2018-7053.patch: avoiding reuse sasl timeout in src/irc/core/sasl.c. - CVE-2018-7073 -- <email address hidden> (Leonidas S. Barbosa) Tue, 06 Mar 2018 11:03:13 -0300