Alerts This Week
Warning Icon 1 764
Alerts This Week
Warning Icon 1 764

Fedora 32: FEDORA-2020-d242130019 Moderate: WeeChat Denial Of Service

fedora
Calendar Grey March 29, 2020
Dist Fedora Esm H88
The latest release of Empathy in Ubuntu 20.04 tackles performance enhancements and fixes security vulnerabilities. Keep your installation current!
New version, fixes a lot of bugs (some of them security)

Summary

WeeChat (Wee Enhanced Environment for Chat) is a portable, fast, light and

extensible IRC client. Everything can be done with a keyboard.

It is customizable and extensible with scripts.

New version, fixes a lot of bugs (some of them security). In the same update,

fixed up epel7 build to latest version as well.

* Thu Feb 20 2020 Joe Walker - 2.7.1-1

- Update to Version 2.7.1

(https://weechat.org/files/releasenotes/ReleaseNotes-2.7.1.html)

(https://www.cve.org/CVERecord?id=CVE-2020-8955)

[ 1 ] Bug #1444882 - CVE-2017-8073 weechat: Buffer overflow in the irc_ctcp_dcc_filename_without_quotes function [epel-all]

https://bugzilla.redhat.com/show_bug.cgi?id=1444882

[ 2 ] Bug #1500078 - weechat: Uninitialized buffer used in logger plugin [epel-all]

https://bugzilla.redhat.com/show_bug.cgi?id=1500078

[ 3 ] Bug #1648007 - Weechat 2.3 is currently available

https://bugzilla.redhat.com/show_bug.cgi?id=1648007

[ 4 ] Bug #1677974 - weechat-2.4 is available

https://bugzilla.redhat.com/show_bug.cgi?id=1677974

[ 5 ] Bug #1718050 - weechat-2.7.1 is available

https://bugzilla.redhat.com/show_bug.cgi?id=1718050

[ 6 ] Bug #1793597 - weechat is missing sources

https://bugzilla.redhat.com/show_bug.cgi?id=1793597

[ 7 ] Bug #1803065 - CVE-2020-8955 weechat: denial of service in irc_mode_channel_update in plugins/irc/irc-mode.c [fedora-all]

https://bugzilla.redhat.com/show_bug.cgi?id=1803065

[ 8 ] Bug #1803066 - CVE-2020-8955 weechat: denial of service in irc_mode_channel_update in plugins/irc/irc-mode.c [epel-all]

https://bugzilla.redhat.com/show_bug.cgi?id=1803066

su -c 'dnf upgrade --advisory FEDORA-2020-d242130019' at the command

line. For more information, refer to the dnf documentation available at

https://dnf.readthedocs.io/en/latest/command_ref.html

All packages are signed with the Fedora Project GPG key. More details on the

GPG keys used by the Fedora Project can be found at

https://fedoraproject.org/security/

package-announce mailing list -- package-announce@lists.fedoraproject.org

To unsubscribe send an email to package-announce-leave@lists.fedoraproject.org

Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/

List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines

List Archives: https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/

Topics%20covered

Topics Covered

security advisory moderate denial of service Fedora IRC client bug fixes WeeChat

Change Log

References

Update Instructions

Product: Fedora 32
Version: 2.7.1
Release: 1.fc32
URL: https://weechat.org/
Summary: Portable, fast, light and extensible IRC client

Topics%20covered

Topics Covered

security advisory moderate denial of service Fedora IRC client bug fixes WeeChat

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here