Debian Security Advisory
DLA-722-1 irssi -- LTS security update
- Date Reported:
- 25 Nov 2016
- Affected Packages:
- Security database references:
- In the Debian bugtracking system: Bug 838762.
In Mitre's CVE dictionary: CVE-2016-7553.
- More information:
An information disclosure vulnerability was found in irssi.
Other users on the same machine as the user running irssi with buf.pl loaded may be able to retrieve the whole window contents after /UPGRADE. Furthermore, this dump of the windows contents is never removed afterwards.
For Debian 7
Wheezy, this problems have been fixed in version 0.8.15-5+deb7u1.
We recommend that you upgrade your irssi packages.
Further information about Debian LTS security advisories, how to apply these updates to your system and frequently asked questions can be found at: https://wiki.debian.org/LTS