[SECURITY] [DLA 722-1] irssi security update

To: debian-lts-announce@lists.debian.org
Subject: [SECURITY] [DLA 722-1] irssi security update
From: Ola Lundqvist <opal@debian.org>
Date: Fri, 25 Nov 2016 22:08:41 +0100
Message-id: <[🔎] 20161125210841.GA8848@inguza.net>
Mail-followup-to: debian-lts@lists.debian.org
Reply-to: debian-lts@lists.debian.org

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Package        : irssi
Version        : 0.8.15-5+deb7u1
CVE ID         : CVE-2016-7553
Debian Bug     : 838762

An information disclosure vulnerability was found in irssi.

CVE-2016-7553
  Other users on the same machine as the user running irssi with
  buf.pl loaded may be able to retrieve the whole window contents
  after /UPGRADE.
  Furthermore, this dump of the windows contents is never removed
  afterwards.

For Debian 7 "Wheezy", this problems have been fixed in version
0.8.15-5+deb7u1.

We recommend that you upgrade your irssi packages.

Further information about Debian LTS security advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://wiki.debian.org/LTS

- -- 
 -------------- Ola Lundqvist --------------------
/  opal@debian.org       GPG fingerprint          \
|  ola@inguza.com        22F2 32C6 B1E0 F4BF 2B26 |
|  http://inguza.com/    0A6A 5E90 DCFA 9426 876F /
 -------------------------------------------------
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.12 (GNU/Linux)

iQIcBAEBCAAGBQJYOKhZAAoJEF6Q3PqUJodvpM0QAJoDvOnfaNCy7bR78R4snGYi
YPuhK2q1Gt8s/58EJJ4FpumlHcNltqVe6s9Ld7QCWrmigT1P7K3+5uL67O7sgm4a
wTkUFJNlpJCslnmbw4akeIp2DgiuavQ1sbv03feODgOGBgq2q1GEmAE2tj83/RQw
oMwEuia7kaK2Tj2wQZAyRB6x3ERQACiPvpNu+uCXcMDtKyN2Aa/Ge9oYvihr89ty
ZmYd7IoTTxuVNj/JJRYlpUbvUfZGL9pIogiCkZU0mQTV0R0EYcRdi1wjf2UGH3LB
2sZsgBEy2lBtSJJoUY8fYLG4hOmhLuJq80inVBhWnktVMx6G4znCwWaLGBwyupBA
bL9qvwO2xqrchVHznY1EEFQEOjX56o7mH4vP8e4VVs1KQCEv4XV0z7Lad+sel8a1
BamofERvw3ydLKlfgWbJ1jg4k1glx9tE6Wp4s5NQZeR/jPbB9wjj1z8IYrHO4uuO
6suEL9WzCnYyQySvBRm2H6QKqTYVbTfwKabUCmPFd0gi+yTDUMvmauUbIAvA1eTq
JWKl8ocOaYPf99LazL/5Ot8rSYh4yUb/iUT3ftPZ1HadX+icXOzElPwN+C0asR3L
2cnO6VM6y1cZaJsfcp+bq5QHHRn1KymrUZ/bkEV1VKgxHoX/j+KGIrFg0MbSg/FP
6Q3mTCtf2Q2d+90ELmuu
=ukMy
-----END PGP SIGNATURE-----

Reply to:

Prev by Date: [SECURITY] [DLA 721-1] libgc security update
Next by Date: [SECURITY] [DLA 723-1] libsoap-lite-perl security update
Previous by thread: [SECURITY] [DLA 721-1] libgc security update
Next by thread: [SECURITY] [DLA 723-1] libsoap-lite-perl security update
Index(es):
- Date
- Thread