Bug 23317 - Irssi 0.8.15 Released
: Irssi 0.8.15 Released
: Sisyphus
(All bugs in Sisyphus/irssi)
: unstable
: all Linux
: P3 enhancement
Assigned To:
: http://irssi.org/news
  Show dependency tree
Reported: 2010-04-11 00:26 by
Modified: 2010-04-19 13:43 (History)



You need to log in before you can comment on or make changes to this bug.

Description From 2010-04-11 00:26:34
The Irssi team is pleased to announce the 0.8.15 release of Irssi. It has been
quite some time since our last release and there has been various feature
enhancements and bugfixes added since then.

This release fixes two security issues: The first being that Irssi didn't check
hostname on SSL connections and the other being a hard to exploit remote crash
------- Comment #1 From 2010-04-19 13:43:30 -------
irssi-0.8.15-alt1 -> sisyphus:

* Mon Apr 19 2010 Vladimir V. Kamarzin <vvk@altlinux> 0.8.15-alt1

- 0.8.15 (Closes: #23317). Security fixes:
  + CVE-2010-1155 (poor verification the hostname of the server when
    using SSL connections)
  + CVE-2010-1156 (A NULL-pointer dereference error in
    src/core/nicklist.c can be exploited to cause a crash)