MGASA-2024-0063 - Updated irssi packages fix security vulnerabilities

Publication date: 15 Mar 2024
URL: https://advisories.mageia.org/MGASA-2024-0063.html
Type: security
Affected Mageia releases: 9
CVE: CVE-2023-29132

The updated packages fix a security vulnerability: Irssi 1.3.x and 1.4.x before 1.4.4 has a use-after-free because of use of a stale special collector reference. This occurs when printing of a non-formatted line is concurrent with printing of a formatted line. (CVE-2023-29132)

References:
- https://bugs.mageia.org/show_bug.cgi?id=31754
- https://irssi.org/security/irssi_sa_2023_03.txt
- https://ubuntu.com/security/notices/USN-6002-1
- https://www.cve.org/CVERecord?id=CVE-2023-29132

SRPMS:
- 9/core/irssi-1.4.3-1.1.mga9

Recent updates to irssi packages address a significant use-after-free vulnerability impacting Mageia 9. For further details, consult the advisory.

Keywords: Irssi Security Update, Mageia 9 Advisory, Use-After-Free Issue, Security Vulnerability Fix.
Severity: Critical
LinuxSecurity.com Team
=========================================================================
Ubuntu Security Notice USN-6002-1
April 10, 2023

irssi vulnerability
=========================================================================

A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 22.10

Summary:
Irssi could be made to crash in specific scenarios.

Software Description:
- irssi: terminal based IRC client

Details:
It was discovered that Irssi incorrectly handled certain internal routines. An attacker could possibly use this issue to cause a crash.

Update instructions:
The problem can be corrected by updating your system to the following package versions:

Ubuntu 22.10:
  irssi 1.4.2-1ubuntu1.1

In general, a standard system update will make all the necessary changes.

References:
  https://ubuntu.com/security/notices/USN-6002-1
  CVE-2023-29132

Package Information:
  https://launchpad.net/ubuntu/+source/irssi/1.4.2-1ubuntu1.1

Irssi users on Ubuntu 22.10 may encounter crashes under certain conditions stemming from a security vulnerability. It's advisable to update your system to ensure safety.

Keywords: irssi update, ubuntu security, irssi crash issue, system protection.
Severity: Important
LinuxSecurity.com Team
openSUSE Security Update: Security update for irssi
______________________________________________________________________________

Announcement ID: openSUSE-SU-2021:0595-1
Rating: moderate
References: #1184848
Affected Products: openSUSE Backports SLE-15-SP2
______________________________________________________________________________

An update that contains security fixes can now be installed.

Description:

This update for irssi fixes the following issues:

irssi was updated to 1.2.3 (boo#1184848)

- Fix the compilation of utf8proc (#1021)
- Fix wrong call to free. By Zero King (#1076)
- Fix a colour reset in true colour themes when encountering mIRC colours (#1059)
- Fix memory leak on malformed CAP requests (#1120)
- Fix an erroneous free of SASL data. Credit to Oss-Fuzz (#1128, #1130)
- Re-set the TLS flag when reconnecting (#1027, #1134)
- Fix the scrollback getting stuck after /clear (#1115, #1136)
- Fix the input of Ctrl+C as the first character (#1153, #1154)
- Fix crash on quit during unloading of modules on certain platforms (#1167)
- Fix Irssi freezing input after Ctrl+Space on GLib > 2.62 (#1180, #1183)
- Fix layout of IDCHANs. By Lauri Tirkkonen (#1197)
- Fix crash when server got reconnected before it was properly connected (#1210, #1211)
- Fix multiple identical active caps (#1249)
- Minor help corrections (#1156, #1213, #1214, #1255)
- Remove erroneous colour in the colorless theme. Reported and fixed by Nutchanon Wetchasit (#1220, #1221)
- Fix invalid bounds calculation when editing the text entry. Found and fixed by Sergey Valentey (#1269)
- Fix passing of negative size in buffer writes. Found and fixed by Sergey Valentey (#1270)
- Fix Irssi freezing on slow hardware and fast DCC transfers (#159, #1271)
- Fix compilation on Solaris (#1291)
- Fix null pointer dereference when receiving broken JOIN record. Credit to Oss-Fuzz (#1292)
- Fix crash on /connect to some sockets (#1239, #1298)
- Fix Irssi rendering on Apple ARM. By Misty De Méo (#1267, #1268, #1290)
- Fix crash on /lastlog with broken lines (#1281, #1299)
- Fix memory leak when receiving bogus SASL authentication data. Found and fixed by Sergey Valentey (#1293)

This update was imported from the openSUSE:Leap:15.2:Update update project.

Patch Instructions:

To install this openSUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".

Alternatively you can run the command listed for your product:

- openSUSE Backports SLE-15-SP2:

  zypper in -t patch openSUSE-2021-595=1

Package List:

- openSUSE Backports SLE-15-SP2 (aarch64 ppc64le s390x x86_64):

  irssi-1.2.3-bp152.5.4.1
  irssi-devel-1.2.3-bp152.5.4.1

References:

  https://bugzilla.suse.com/1184848

The latest patch for irssi addresses multiple vulnerabilities, correcting a memory overflow and resolving connectivity problems specifically on Fedora platforms.

Keywords: Irssi Updates, OpenSUSE Patches, Security Fixes.
LinuxSecurity.com Team
openSUSE Security Update: Security update for irssi
______________________________________________________________________________

Announcement ID: openSUSE-SU-2021:0587-1
Rating: moderate
References: #1184848
Affected Products: openSUSE Leap 15.2
______________________________________________________________________________

An update that contains security fixes can now be installed.

Description:

This update for irssi fixes the following issues:

irssi was updated to 1.2.3 (boo#1184848)

- Fix the compilation of utf8proc (#1021)
- Fix wrong call to free. By Zero King (#1076)
- Fix a colour reset in true colour themes when encountering mIRC colours (#1059)
- Fix memory leak on malformed CAP requests (#1120)
- Fix an erroneous free of SASL data. Credit to Oss-Fuzz (#1128, #1130)
- Re-set the TLS flag when reconnecting (#1027, #1134)
- Fix the scrollback getting stuck after /clear (#1115, #1136)
- Fix the input of Ctrl+C as the first character (#1153, #1154)
- Fix crash on quit during unloading of modules on certain platforms (#1167)
- Fix Irssi freezing input after Ctrl+Space on GLib > 2.62 (#1180, #1183)
- Fix layout of IDCHANs. By Lauri Tirkkonen (#1197)
- Fix crash when server got reconnected before it was properly connected (#1210, #1211)
- Fix multiple identical active caps (#1249)
- Minor help corrections (#1156, #1213, #1214, #1255)
- Remove erroneous colour in the colorless theme. Reported and fixed by Nutchanon Wetchasit (#1220, #1221)
- Fix invalid bounds calculation when editing the text entry. Found and fixed by Sergey Valentey (#1269)
- Fix passing of negative size in buffer writes. Found and fixed by Sergey Valentey (#1270)
- Fix Irssi freezing on slow hardware and fast DCC transfers (#159, #1271)
- Fix compilation on Solaris (#1291)
- Fix null pointer dereference when receiving broken JOIN record. Credit to Oss-Fuzz (#1292)
- Fix crash on /connect to some sockets (#1239, #1298)
- Fix Irssi rendering on Apple ARM. By Misty De Méo (#1267, #1268, #1290)
- Fix crash on /lastlog with broken lines (#1281, #1299)
- Fix memory leak when receiving bogus SASL authentication data. Found and fixed by Sergey Valentey (#1293)

Patch Instructions:

To install this openSUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".

Alternatively you can run the command listed for your product:

- openSUSE Leap 15.2:

  zypper in -t patch openSUSE-2021-587=1

Package List:

- openSUSE Leap 15.2 (x86_64):

  irssi-1.2.3-lp152.3.3.1
  irssi-debuginfo-1.2.3-lp152.3.3.1
  irssi-debugsource-1.2.3-lp152.3.3.1
  irssi-devel-1.2.3-lp152.3.3.1

References:

  https://bugzilla.suse.com/1184848

This Fedora security patch targets essential improvements for vim to boost functionality and reliability. Discover more.

Keywords: openSUSE Security Update, irssi fixes, security improvements, system vulnerabilities.
LinuxSecurity.com Team
[slackware-security] irssi (SSA:2021-102-02)

New irssi packages are available for Slackware 14.0, 14.1, 14.2, and -current to fix security issues.

Here are the details from the Slackware 14.2 ChangeLog:
+--------------------------+
patches/packages/irssi-1.2.3-i586-1_slack14.2.txz: Upgraded.
  This update fixes bugs and security issues. See the NEWS file for details.
  (* Security fix *)
+--------------------------+

Where to find the new packages:
+-----------------------------+

Thanks to the friendly folks at the OSU Open Source Lab (https://osuosl.org/) for donating FTP and rsync hosting to the Slackware project! :-)

Also see the "Get Slack" section on http://www.slackware.com/ for additional mirror sites near you.

Updated package for Slackware 14.0:
ftp://ftp.slackware.com/pub/slackware/slackware-14.0/patches/packages/irssi-1.2.3-i486-1_slack14.0.txz

Updated package for Slackware x86_64 14.0:
ftp://ftp.slackware.com/pub/slackware/slackware64-14.0/patches/packages/irssi-1.2.3-x86_64-1_slack14.0.txz

Updated package for Slackware 14.1:
ftp://ftp.slackware.com/pub/slackware/slackware-14.1/patches/packages/irssi-1.2.3-i486-1_slack14.1.txz

Updated package for Slackware x86_64 14.1:
ftp://ftp.slackware.com/pub/slackware/slackware64-14.1/patches/packages/irssi-1.2.3-x86_64-1_slack14.1.txz

Updated package for Slackware 14.2:

Updated package for Slackware x86_64 14.2:

Updated package for Slackware -current:

Updated package for Slackware x86_64 -current:

MD5 signatures:
+-------------+

Slackware 14.0 package:
264311aae69b91408dbffa968e0483e4 irssi-1.2.3-i486-1_slack14.0.txz

Slackware x86_64 14.0 package:
b859a538a7445f6bab88b91898f066bb irssi-1.2.3-x86_64-1_slack14.0.txz

Slackware 14.1 package:
7973d2bc69e892eea5bcf46c65df9656 irssi-1.2.3-i486-1_slack14.1.txz

Slackware x86_64 14.1 package:
196668b9813d4b84073b3d5c22ae57eb irssi-1.2.3-x86_64-1_slack14.1.txz

Slackware 14.2 package:
d59084abac4f93be605b72d89dd0281a irssi-1.2.3-i586-1_slack14.2.txz

Slackware x86_64 14.2 package:
3ab20d78b296642d136f2e4069c0328d irssi-1.2.3-x86_64-1_slack14.2.txz

Slackware -current package:
ee11c5595b78c0c1ca343b73db6e1e0a n/irssi-1.2.3-i586-1.txz

Slackware x86_64 -current package:
3f8a35ee5cf71861869cf9596e94466b n/irssi-1.2.3-x86_64-1.txz

Installation instructions:
+------------------------+

Upgrade the package as root:
# upgradepkg irssi-1.2.3-i586-1_slack14.2.txz

+-----+

Recent upgrades to irssi packages address security vulnerabilities affecting Slackware 14.0 through -current. Ensure your system's safety by performing an upgrade today!

Keywords: Irssi Packages, Slackware Security Update, Threat Mitigation.
Severity: Important
LinuxSecurity.com Team
====================================================================
Red Hat Security Advisory

Synopsis: Low: irssi security update
Advisory ID: RHSA-2020:1616-01
Product: Red Hat Enterprise Linux
Advisory URL: https://access.redhat.com/errata/RHSA-2020:1616
Issue date: 2020-04-28
CVE Names: CVE-2019-13045
====================================================================

1. Summary:

An update for irssi is now available for Red Hat Enterprise Linux 8.

Red Hat Product Security has rated this update as having a security impact of Low. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

2. Relevant releases/architectures:

Red Hat CodeReady Linux Builder (v. 8) - aarch64, ppc64le, s390x, x86_64
Red Hat Enterprise Linux AppStream (v. 8) - aarch64, ppc64le, s390x, x86_64

3. Description:

Irssi is a modular IRC client with Perl scripting.

Security Fix(es):

* irssi: use after free when sending SASL login to server (CVE-2019-13045)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Additional Changes:

For detailed information on changes in this release, see the Red Hat Enterprise Linux 8.2 Release Notes linked from the References section.

4. Solution:

For details on how to apply this update, which includes the changes described in this advisory, refer to:

https://access.redhat.com/articles/11258

5. Bugs fixed (https://bugzilla.redhat.com/):

1727683 - CVE-2019-13045 irssi: use after free when sending SASL login to server

6. Package List:

Red Hat Enterprise Linux AppStream (v. 8):

Source:
irssi-1.1.1-3.el8.src.rpm

aarch64:
irssi-1.1.1-3.el8.aarch64.rpm
irssi-debuginfo-1.1.1-3.el8.aarch64.rpm
irssi-debugsource-1.1.1-3.el8.aarch64.rpm

ppc64le:
irssi-1.1.1-3.el8.ppc64le.rpm
irssi-debuginfo-1.1.1-3.el8.ppc64le.rpm
irssi-debugsource-1.1.1-3.el8.ppc64le.rpm

s390x:
irssi-1.1.1-3.el8.s390x.rpm
irssi-debuginfo-1.1.1-3.el8.s390x.rpm
irssi-debugsource-1.1.1-3.el8.s390x.rpm

x86_64:
irssi-1.1.1-3.el8.x86_64.rpm
irssi-debuginfo-1.1.1-3.el8.x86_64.rpm
irssi-debugsource-1.1.1-3.el8.x86_64.rpm

Red Hat CodeReady Linux Builder (v. 8):

aarch64:
irssi-debuginfo-1.1.1-3.el8.aarch64.rpm
irssi-debugsource-1.1.1-3.el8.aarch64.rpm
irssi-devel-1.1.1-3.el8.aarch64.rpm

ppc64le:
irssi-debuginfo-1.1.1-3.el8.ppc64le.rpm
irssi-debugsource-1.1.1-3.el8.ppc64le.rpm
irssi-devel-1.1.1-3.el8.ppc64le.rpm

s390x:
irssi-debuginfo-1.1.1-3.el8.s390x.rpm
irssi-debugsource-1.1.1-3.el8.s390x.rpm
irssi-devel-1.1.1-3.el8.s390x.rpm

x86_64:
irssi-debuginfo-1.1.1-3.el8.i686.rpm
irssi-debuginfo-1.1.1-3.el8.x86_64.rpm
irssi-debugsource-1.1.1-3.el8.i686.rpm
irssi-debugsource-1.1.1-3.el8.x86_64.rpm
irssi-devel-1.1.1-3.el8.i686.rpm
irssi-devel-1.1.1-3.el8.x86_64.rpm

These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/

7. References:

https://access.redhat.com/security/cve/CVE-2019-13045
https://access.redhat.com/security/updates/classification/#low
https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/8/html/8.2_release_notes/index

8. Contact:

The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact/

Copyright 2020 Red Hat, Inc.
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2019-d2257607b8
2019-09-14 16:29:06.038639
--------------------------------------------------------------------------------

Name        : irssi
Product     : Fedora 31
Version     : 1.2.2
Release     : 1.fc31
URL         : https://irssi.org/
Summary     : Modular text mode IRC client with Perl scripting
Description :
Irssi is a modular IRC client with Perl scripting. Only text-mode frontend is currently supported. The GTK/GNOME frontend is no longer being maintained.

--------------------------------------------------------------------------------
Update Information:

This is new version of irssi fixing CVE-2019-15717.
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1747346 - CVE-2019-15717 Irssi: use-after-free if the IRC server sends double CAP
        https://bugzilla.redhat.com/show_bug.cgi?id=1747346
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2019-d2257607b8'
at the command line. For more information, refer to the dnf documentation available at https://dnf.readthedocs.io/en/latest/command_ref.html

All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/security/
--------------------------------------------------------------------------------
MGASA-2019-0255 - Updated irssi packages fix security vulnerability

Publication date: 06 Sep 2019
URL: https://advisories.mageia.org/MGASA-2019-0255.html
Type: security
Affected Mageia releases: 7
CVE: CVE-2019-15717

Updated irssi packages fix security vulnerability: Irssi 1.2.x before 1.2.2 has a use-after-free if the IRC server sends a double CAP (CVE-2019-15717).

References:
- https://bugs.mageia.org/show_bug.cgi?id=25388
- https://www.openwall.com/lists/oss-security/2019/08/29/3
- https://www.cve.org/CVERecord?id=CVE-2019-15717

SRPMS:
- 7/core/irssi-1.2.2-1.mga7

Irssi version 1.2.x has released an update to mitigate a critical use-after-free security flaw. Discover further insights regarding the patch and the specific security implications involved.

Keywords: irssi update, security patch, Mageia, use-after-free, security advisory.
LinuxSecurity.com Team