#23317 – Irssi 0.8.15 Released

Bug 23317 - Irssi 0.8.15 Released

Summary: Irssi 0.8.15 Released

Status:	CLOSED FIXED

Alias:	None

Product:	Sisyphus
Classification:	Development
Component:	irssi (show other bugs)
Version:	unstable
Hardware:	all Linux

Importance:	P3 enhancement
Assignee:	Vladimir Lettiev
QA Contact:	qa-sisyphus

URL:	http://irssi.org/news
Keywords:

Depends on:
Blocks:

Reported:	2010-04-11 00:26 MSD by Sir Raorn
Modified:	2010-04-19 13:43 MSD (History)
CC List:	1 user (show)

See Also:

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Sir Raorn 2010-04-11 00:26:34 MSD

The Irssi team is pleased to announce the 0.8.15 release of Irssi. It has been quite some time since our last release and there has been various feature enhancements and bugfixes added since then.

This release fixes two security issues: The first being that Irssi didn't check hostname on SSL connections and the other being a hard to exploit remote crash bug.

Comment 1 Repository Robot 2010-04-19 13:43:30 MSD

irssi-0.8.15-alt1 -> sisyphus:

* Mon Apr 19 2010 Vladimir V. Kamarzin <vvk@altlinux> 0.8.15-alt1

- 0.8.15 (Closes: #23317). Security fixes:
  + CVE-2010-1155 (poor verification the hostname of the server when
    using SSL connections)
  + CVE-2010-1156 (A NULL-pointer dereference error in
    src/core/nicklist.c can be exploited to cause a crash)