Mandrake alert: Updated irssi packages fix remote crash

Posted by dave on Dec 18, 2003 7:50 AM EDT
Mailing list
Mail this story
Print this story

A vulnerability in versions of irssi prior to 0.8.9 would allow a remote user to crash another user's irssi client provided that the client was on a non-x86 architecture or if the "gui print text" signal is being used by some script or plugin.

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

 _______________________________________________________________________

                Mandrake Linux Security Update Advisory
 _______________________________________________________________________

 Package name:           irssi
 Advisory ID:            MDKSA-2003:117
 Date:                   December 18th, 2003

 Affected versions:	 9.1, 9.2
 ______________________________________________________________________

 Problem Description:

 A vulnerability in versions of irssi prior to 0.8.9 would allow a
 remote user to crash another user's irssi client provided that the
 client was on a non-x86 architecture or if the "gui print text"
 signal is being used by some script or plugin.
 
 The updated packages provide 0.8.9 which corrects the problem.
 _______________________________________________________________________

 References:

  http://www.securityfocus.com/archive/1/347218
 ______________________________________________________________________

 Updated Packages:
  
 Mandrake Linux 9.1:
 ab459ceb0ca53a110745d94b901612c1  9.1/RPMS/irssi-0.8.9-0.1.91mdk.i586.rpm
 9f30065ecd80da6f6e1568ffe80269c1  9.1/RPMS/irssi-devel-0.8.9-0.1.91mdk.i586.rpm
 be7ee7f215a1605fc0c5e168a195c633  9.1/SRPMS/irssi-0.8.9-0.1.91mdk.src.rpm

 Mandrake Linux 9.1/PPC:
 7a40107bfd7d9c9fba8e2c30ca30b4e6  ppc/9.1/RPMS/irssi-0.8.9-0.1.91mdk.ppc.rpm
 87fff9fbee0ff24c87edde5e4b2ed715  ppc/9.1/RPMS/irssi-devel-0.8.9-0.1.91mdk.ppc.rpm
 be7ee7f215a1605fc0c5e168a195c633  ppc/9.1/SRPMS/irssi-0.8.9-0.1.91mdk.src.rpm

 Mandrake Linux 9.2:
 97f1183b4109ae677a4605aee151cf6c  9.2/RPMS/irssi-0.8.9-0.1.92mdk.i586.rpm
 b09a1ef356db586070bf696abee5a564  9.2/RPMS/irssi-devel-0.8.9-0.1.92mdk.i586.rpm
 b33bfbe2ac0e92b52bfaf05ca68dc3f0  9.2/SRPMS/irssi-0.8.9-0.1.92mdk.src.rpm

 Mandrake Linux 9.2/AMD64:
 a0ffd9b18c4ba81f178d393151b0607d  amd64/9.2/RPMS/irssi-0.8.9-0.1.92mdk.amd64.rpm
 9a147f59b58e46e516576f306545a24a  amd64/9.2/RPMS/irssi-devel-0.8.9-0.1.92mdk.amd64.rpm
 b33bfbe2ac0e92b52bfaf05ca68dc3f0  amd64/9.2/SRPMS/irssi-0.8.9-0.1.92mdk.src.rpm
 _______________________________________________________________________

 To upgrade automatically use MandrakeUpdate or urpmi.  The verification
 of md5 checksums and GPG signatures is performed automatically for you.

 A list of FTP mirrors can be obtained from:

  http://www.mandrakesecure.net/en/ftp.php

 All packages are signed by MandrakeSoft for security.  You can obtain
 the GPG public key of the Mandrake Linux Security Team by executing:

  gpg --recv-keys --keyserver http://www.mandrakesecure.net 0x22458A98

 Please be aware that sometimes it takes the mirrors a few hours to
 update.

 You can view other update advisories for Mandrake Linux at:

  http://www.mandrakesecure.net/en/advisories/

 MandrakeSoft has several security-related mailing list services that
 anyone can subscribe to.  Information on these lists can be obtained by
 visiting:

  http://www.mandrakesecure.net/en/mlist.php

 If you want to report vulnerabilities, please contact

  security_linux-mandrake.com

 Type Bits/KeyID     Date       User ID
 pub  1024D/22458A98 2000-07-10 Linux Mandrake Security Team
  <security linux-mandrake.com>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.7 (GNU/Linux)

iD8DBQE/4dkHmqjQ0CJFipgRAilzAJ0Sq7w/HYg1B//bC0TmBETHJG5+FgCfQ5nM
iNZVIXsI+MVEBq8Q8KumNYg=
=ksU3
-----END PGP SIGNATURE-----

  Nav
» Read more about: Story Type: Security; Groups: Mandriva

« Return to the newswire homepage

This topic does not have any threads posted yet!

You cannot post until you login.