Bug 23317 - Irssi 0.8.15 Released
Summary: Irssi 0.8.15 Released
Status: CLOSED FIXED
Alias: None
Product: Sisyphus
Classification: Development
Component: irssi (show other bugs)
Version: unstable
Hardware: all Linux
: P3 enhancement
Assignee: Vladimir Lettiev
QA Contact: qa-sisyphus
URL: http://irssi.org/news
Keywords:
Depends on:
Blocks:
 
Reported: 2010-04-11 00:26 MSD by Sir Raorn
Modified: 2010-04-19 13:43 MSD (History)
1 user (show)

See Also:


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description Sir Raorn 2010-04-11 00:26:34 MSD
The Irssi team is pleased to announce the 0.8.15 release of Irssi. It has been quite some time since our last release and there has been various feature enhancements and bugfixes added since then.

This release fixes two security issues: The first being that Irssi didn't check hostname on SSL connections and the other being a hard to exploit remote crash bug.
Comment 1 Repository Robot 2010-04-19 13:43:30 MSD
irssi-0.8.15-alt1 -> sisyphus:

* Mon Apr 19 2010 Vladimir V. Kamarzin <vvk@altlinux> 0.8.15-alt1

- 0.8.15 (Closes: #23317). Security fixes:
  + CVE-2010-1155 (poor verification the hostname of the server when
    using SSL connections)
  + CVE-2010-1156 (A NULL-pointer dereference error in
    src/core/nicklist.c can be exploited to cause a crash)