[SECURITY] [DLA 1088-1] irssi security update

[Lucas Kanashiro <kanashiro@debian.org>]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Package        : irssi
Version        : 0.8.15-5+deb7u2
CVE ID         : CVE-2017-9468 CVE-2017-9469
Debian Bug     : #864400

Irssi has some issues where remote attackers might be able to cause a crash.

CVE-2017-9468

	In irssi, when receiving a DCC message without source nick/host, it
	attempts to dereference a NULL pointer.

CVE-2017-9469

	In irssi, when receiving certain incorrectly quoted DCC files, it tries to
	find the terminating quote one byte before the allocated memory.

For Debian 7 "Wheezy", these problems have been fixed in version
0.8.15-5+deb7u2.

We recommend that you upgrade your irssi packages.

Further information about Debian LTS security advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://wiki.debian.org/LTS
-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEEjtbD+LrJ23/BMKhw+COicpiDyXwFAlmtp1oACgkQ+COicpiD
yXwM/xAAgv3UIlB1ISMQ7EmKq+WVF060QFkdaj/0r/SnebT7SiwENcGcIk/YXjhJ
6ERgicynU0fkP1hqP09Dgj2pg8/D2Ly0sfAqU7nM8o0/fOFtExyRcchTclAD/n2r
JdzvyCNWUy/VuSdDyjIu7DPQY9EFECIW7AkI8NdLQTGmY4ec9NuEGyRRjinuQ72F
DJd6LFYUZXxLcct2B6ZKGDNb4+nLQruLhQ+4CoaoSHbcHErk0m4uNH9z/zYYYEgM
ebbzFSdOUz0QkiqpU7gUfJtDc4r6OFymkicdN1f1oSpCsIz3rsb7pkJAeoKJ8KEO
jE8xnCCC4uXamVqCkJ+EQcSgQMhf+ynqGwzCAX4BUfDjq1BUIUGvBCIwvoVXhAdf
j1D1C07nBDxN2bSP6U+Q0dx5oTiK94dz9xhNeQuRc5fXXeVQuR/M+UNj+d62kG6N
HZKxaGOec2EbRdIcbl6EtqMtIesipoAhao5xXBVYfRfS75Mpovto8xCS7lWaWmAu
VajSoGw1ELo5Ui+ofu7M76Z7ZScxE4NZ3EJ8KGJLeBtXASo497IDwoVsE7hPAL5Z
BYmASGwUm97fbqPBboLaz1Yx6lhulCX+zRdgtRcPbmTyyC6yiSpE1r30KsIS5/Pr
1BrFHnxZqvc6Dva6CQPzMaPG7XDhyuyxO2e80dZzoWQBZo3w0ZQ=
=2v4u
-----END PGP SIGNATURE-----