Accepted irssi 1.0.7-1 (source amd64) into unstable
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
Format: 1.8
Date: Tue, 06 Mar 2018 14:42:44 +0100
Source: irssi
Binary: irssi irssi-dev
Architecture: source amd64
Version: 1.0.7-1
Distribution: unstable
Urgency: high
Maintainer: Rhonda D'Vine <rhonda@debian.org>
Changed-By: Rhonda D'Vine <rhonda@debian.org>
Description:
irssi - terminal based IRC client
irssi-dev - terminal based IRC client - development files
Closes: 886475 890674 890675 890676 890677 890678
Changes:
irssi (1.0.7-1) unstable; urgency=high
.
* New upstream bugfix release (closes: #886475):
From 1.0.6:
- Fix invalid memory access when reading hilight configuration
(#787, #788).
- Fix null pointer dereference when the channel topic is set
without specifying a sender [CVE-2018-5206]
- Fix return of random memory when using incomplete escape
codes [CVE-2018-5205]
- Fix heap buffer overflow when completing certain strings
[CVE-2018-5208]
- Fix return of random memory when using an incomplete
variable argument [CVE-2018-5207]
.
From 1.0.7:
- Prevent use after free error during the execution of some
commands. Found by Joseph Bisch [CVE-2018-7054] (closes: #890674)
- Revert netsplit print optimisation due to crashes
- Fix use after free when SASL messages are received in
unexpected order [CVE-2018-7053] (closes: #890675)
- Fix null pointer dereference in the tab completion when an
empty nick is joined [CVE-2018-7050] (closes: #890678)
- Fix use after free when entering oper password
- Fix null pointer dereference when too many windows are
opened [CVE-2018-7052] (closes: #890676)
- Fix out of bounds access in theme strings when the last
escape is incomplete. Credit to Oss-Fuzz [CVE-2018-7051]
(closes: #890677)
- Fix out of bounds write when using negative counts on window
resize
- Minor help correction. By William Jackson
.
* Fix watch URL.
* Bump to debhelper compat 11, remove autotools-dev Build-Depends.
* Bump Standards-Version to 4.1.3.
* Add lintian overrides for the spelling of "hilight" in the changelog
mentioning the lintian overrides for the spelling of "hilight" in irssi
itself.
Checksums-Sha1:
e2dbc91d63a972fc44c732e40215ac062cbfc842 2149 irssi_1.0.7-1.dsc
0524e5f2d465e3b04a0227dac648a26e5c6d8286 1034188 irssi_1.0.7.orig.tar.xz
0524e5f2d465e3b04a0227dac648a26e5c6d8286 1034188 irssi_1.0.7.orig.tar.xz.asc
a61600116bcf861a513a44b70a6152511076f41d 20344 irssi_1.0.7-1.debian.tar.xz
c03eabca0219054f3a30150348350718140cea2c 2981160 irssi-dbgsym_1.0.7-1_amd64.deb
faf42b31ca93ee3254a572e54d4df77b8202e9d6 453980 irssi-dev_1.0.7-1_amd64.deb
d746d0eb83b5f1a4393e2e4aa42e818018bd8943 7294 irssi_1.0.7-1_amd64.buildinfo
942d1b575dd70ee6f67a418eab2deaea5338635d 1085660 irssi_1.0.7-1_amd64.deb
Checksums-Sha256:
8c16bc07a086213ead747c83e8af1ee89862c9bcef16675987dc90b699787731 2149 irssi_1.0.7-1.dsc
1b386ca026aa1875c380fd00ef1d24b71fb87cdae39ef5349ecca16c4567feac 1034188 irssi_1.0.7.orig.tar.xz
1b386ca026aa1875c380fd00ef1d24b71fb87cdae39ef5349ecca16c4567feac 1034188 irssi_1.0.7.orig.tar.xz.asc
a06eedac3c912d2f14d4399591572ff98dd9601db7b6b92ba2733c319419b45c 20344 irssi_1.0.7-1.debian.tar.xz
4cff1715765c40b856780bdfa22006ac46d2ea454b3728d8b8586c069055d9a3 2981160 irssi-dbgsym_1.0.7-1_amd64.deb
e5ed60b15ca6a8408c1f23b64f6081a41c3790092a20019732e4783c89c12bbb 453980 irssi-dev_1.0.7-1_amd64.deb
b3518d0f7eb496e59c9d28824edb1882d7543753f98d3ca8fcb245a4332bab21 7294 irssi_1.0.7-1_amd64.buildinfo
ae53ebed69c37fc1716e0d06f1174846391e7f0d25c4e293dd9b53bb1f70a9e9 1085660 irssi_1.0.7-1_amd64.deb
Files:
79a9214fd3ffaca794ba8af35e89b92c 2149 net optional irssi_1.0.7-1.dsc
6ebf07a03b58f7af1296cd8fdbb3619f 1034188 net optional irssi_1.0.7.orig.tar.xz
6ebf07a03b58f7af1296cd8fdbb3619f 1034188 net optional irssi_1.0.7.orig.tar.xz.asc
1e28c9230efa6072958dcd54c1340a61 20344 net optional irssi_1.0.7-1.debian.tar.xz
e4f18d54ccbd6ca8002afe94c67e7b90 2981160 debug optional irssi-dbgsym_1.0.7-1_amd64.deb
fb4e099db6f0befa2beef3459ff3d957 453980 net optional irssi-dev_1.0.7-1_amd64.deb
db908039423e8578ef6e1bf0e65a4845 7294 net optional irssi_1.0.7-1_amd64.buildinfo
a7ce4ded997e5feaf5b6e716f2f5f87a 1085660 net optional irssi_1.0.7-1_amd64.deb
-----BEGIN PGP SIGNATURE-----
iQIzBAEBCAAdFiEELHLzKO0XByBPs0mU3ugEPuF+uzAFAlqerPoACgkQ3ugEPuF+
uzDq2RAAmKnalI5aLrEjK5/UPYISYPflqnovaE2JSb0RcgQm3GPFjqmQ967Tq7gG
ND5p958VRXEubJZen1sFnSeJtjHZ3Vm4etgJS04qijR8E4Y9y6Utd+ENCFQp++LH
zraIjlIt24FccMsUsRDSoB3xP6L0navPCsLMSHODqzcuaJxF6r/jBCNS7ULyjw9a
Cbf1Ic3eS/fR5+6szk+teOVsZH7f8+HMKURzR5Q6XmAa3+S0gDZvWmFTE7ZtE+v0
ACMWhGHsDzanCpUMsPZLUsdGVxJDSw4aXBi3yFjsgkyHd69nAwnkWkHaK3le8mI4
JwnCyZ27QH88RymtCVr5/vxpnfTDs+YWanVwVaieDauD6gCswG4maDuOHUtpmBS1
fFPsclbUXHDiY23f6BmF2Mhnr7Ev8uaTSm08beEXqhiVM7PulRuZgXdXJIBgg6a0
FCoYh9prEJghrnjepiKi0vyZYuqxvMVC9e8SOkWRswXOXMClqsKhitsSc5iAr0lZ
kTqsvRsClQvo0nlbWC2SwKpRs+X8Pw3YQ6YKYm49BwoM2OjI/eQTHvSvwniVzMc7
8MIsyqmi9TJM4S+3+9uCR+DaiYcBt5Z6qgAHz6K/vLMzbIItRzjUgMD9alO1INg3
hRPtT7GpspIRAsvsQVxHllHzy5g/M9mj5RcPeb6zFg/wZw77RYo=
=tCf9
-----END PGP SIGNATURE-----