Mageia 7: 2020-0153 Moderate: Weechat NULL Pointer & Buffer Overflow
mageia
April 2, 2020
Updated weechat packages fix security vulnerabilities: An issue was discovered in WeeChat before 2.7.1 (0.4.0 to 2.7 are affected)
Summary
Updated weechat packages fix security vulnerabilities:
An issue was discovered in WeeChat before 2.7.1 (0.4.0 to 2.7 are
affected). A malformed message 352 (who) can cause a NULL pointer
dereference in the callback function, resulting in a crash
(CVE-2020-9759).
An issue was discovered in WeeChat before 2.7.1 (0.3.4 to 2.7 are
affected). When a new IRC message 005 is received with longer nick
prefixes, a buffer overflow and possibly a crash can happen when a
new mode is set for a nick (CVE-2020-9760).
References
- https://bugs.mageia.org/show_bug.cgi?id=26400
- https://lists.debian.org/debian-lts-announce/2020/03/msg00031.html
- https://www.cve.org/CVERecord?id=CVE-2020-9759
- https://www.cve.org/CVERecord?id=CVE-2020-9760
Topics Covered
Resolution
SRPMS
- 7/core/weechat-2.7.1-1.mga7
PREVIOUS
NEXT
Publication date: 02 Apr 2020
URL: https://advisories.mageia.org/MGASA-2020-0153.html
Type: security
CVE: CVE-2020-9759,
CVE-2020-9760
Topics Covered
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Related News
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!