From 7b677901da8205bb849395c29ce2b68de328801b7ab5f0dfcf9823acc035b74a Mon Sep 17 00:00:00 2001 From: Ailin Nemui Date: Sat, 6 Jan 2018 14:02:02 +0000 Subject: [PATCH] Accepting request 562173 from home:ailin_nemui:branches:server:irc - update to 1.0.6 - Fix invalid memory access when reading hilight configuration (#787, #788). - Fix null pointer dereference when the channel topic is set without specifying a sender (GL#20, GL!25). CVE-2018-5206 - Fix return of random memory when using incomplete escape codes (GL#21, GL!26). CVE-2018-5205 - Fix heap buffer overflow when completing certain strings (GL#19, GL!27). CVE-2018-5208 - Fix return of random memory when using an incomplete variable argument (GL#18, GL!28). CVE-2018-5207 OBS-URL: https://build.opensuse.org/request/show/562173 OBS-URL: https://build.opensuse.org/package/show/server:irc/irssi?expand=0&rev=96 --- irssi-1.0.5.tar.xz | 3 --- irssi-1.0.5.tar.xz.asc | 6 ------ irssi-1.0.6.tar.xz | 3 +++ irssi-1.0.6.tar.xz.asc | 6 ++++++ irssi.changes | 15 +++++++++++++++ irssi.spec | 4 ++-- 6 files changed, 26 insertions(+), 11 deletions(-) delete mode 100644 irssi-1.0.5.tar.xz delete mode 100644 irssi-1.0.5.tar.xz.asc create mode 100644 irssi-1.0.6.tar.xz create mode 100644 irssi-1.0.6.tar.xz.asc diff --git a/irssi-1.0.5.tar.xz b/irssi-1.0.5.tar.xz deleted file mode 100644 index b7cd907..0000000 --- a/irssi-1.0.5.tar.xz +++ /dev/null @@ -1,3 +0,0 @@ -version https://git-lfs.github.com/spec/v1 -oid sha256:c2556427e12eb06cabfed40839ac6f57eb8b1aa6365fab6dfcd331b7a04bb914 -size 1032308 diff --git a/irssi-1.0.5.tar.xz.asc b/irssi-1.0.5.tar.xz.asc deleted file mode 100644 index fd4ef21..0000000 --- a/irssi-1.0.5.tar.xz.asc +++ /dev/null @@ -1,6 +0,0 @@ ------BEGIN PGP SIGNATURE----- - -iF0EABECAB0WIQR+5l4wgqX7Bqx8No0AzLWH3b7w4QUCWeoXfAAKCRAAzLWH3b7w -4V4fAKCFQv0QZ5fRqkEemOkYYKXV/bI53QCfWx2ScwDs15115ceOGrxQLIIDv54= -=Atv1 ------END PGP SIGNATURE----- diff --git a/irssi-1.0.6.tar.xz b/irssi-1.0.6.tar.xz new file mode 100644 index 0000000..84af756 --- /dev/null +++ b/irssi-1.0.6.tar.xz @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:029e884f3ebf337f7266d8ed4e1a035ca56d9f85015d74c868b488f279de8585 +size 1033428 diff --git a/irssi-1.0.6.tar.xz.asc b/irssi-1.0.6.tar.xz.asc new file mode 100644 index 0000000..3e72896 --- /dev/null +++ b/irssi-1.0.6.tar.xz.asc @@ -0,0 +1,6 @@ +-----BEGIN PGP SIGNATURE----- + +iF0EABECAB0WIQR+5l4wgqX7Bqx8No0AzLWH3b7w4QUCWk7ByAAKCRAAzLWH3b7w +4fk/AJ47FNq1NPyteq5jUhB90uLMFXMXrACfS/qQbgx2rEImlCwF9QzcFGG+Bt4= +=NtZ8 +-----END PGP SIGNATURE----- diff --git a/irssi.changes b/irssi.changes index 5046163..3d23d53 100644 --- a/irssi.changes +++ b/irssi.changes @@ -1,3 +1,18 @@ +------------------------------------------------------------------- +Sat Jan 6 13:47:12 UTC 2018 - ailin.nemui@gmail.com + +- update to 1.0.6 + - Fix invalid memory access when reading hilight configuration + (#787, #788). + - Fix null pointer dereference when the channel topic is set + without specifying a sender (GL#20, GL!25). CVE-2018-5206 + - Fix return of random memory when using incomplete escape + codes (GL#21, GL!26). CVE-2018-5205 + - Fix heap buffer overflow when completing certain strings + (GL#19, GL!27). CVE-2018-5208 + - Fix return of random memory when using an incomplete + variable argument (GL#18, GL!28). CVE-2018-5207 + ------------------------------------------------------------------- Sun Oct 22 13:46:51 UTC 2017 - ailin.nemui@gmail.com diff --git a/irssi.spec b/irssi.spec index ba6fe61..bf1e6dc 100644 --- a/irssi.spec +++ b/irssi.spec @@ -1,7 +1,7 @@ # # spec file for package irssi # -# Copyright (c) 2017 SUSE LINUX GmbH, Nuernberg, Germany. +# Copyright (c) 2018 SUSE LINUX GmbH, Nuernberg, Germany. # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed @@ -18,7 +18,7 @@ %bcond_with socks Name: irssi -Version: 1.0.5 +Version: 1.0.6 Release: 0 # Summary: Modular, Secure, and Well Designed IRC Client