[SECURITY] [DLA 2157-1] weechat security update

To: debian-lts-announce@lists.debian.org
Subject: [SECURITY] [DLA 2157-1] weechat security update
From: Thorsten Alteholz <debian@alteholz.de>
Date: Tue, 24 Mar 2020 22:08:21 +0100 (CET)
Message-id: <[🔎] alpine.DEB.2.20.2003242206360.22993@jupiter.server.alteholz.net>
Mail-followup-to: debian-lts@lists.debian.org
Reply-to: debian-lts@lists.debian.org

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Package        : weechat
Version        : 1.0.1-1+deb8u3
CVE ID         : CVE-2020-8955 CVE-2020-9759 CVE-2020-9760

Several issues have been found in weechat, a fast, light and extensiblechat client.All issues are about crafted messages, that could result ina buffer overflow and application crash. This could cause a denial ofservice or possibly have other impact.



For Debian 8 "Jessie", these problems have been fixed in version
1.0.1-1+deb8u3.

We recommend that you upgrade your weechat packages.

Further information about Debian LTS security advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://wiki.debian.org/LTS

-----BEGIN PGP SIGNATURE-----

iQKTBAEBCgB9FiEEYgH7/9u94Hgi6ruWlvysDTh7WEcFAl56dsVfFIAAAAAALgAo
aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDYy
MDFGQkZGREJCREUwNzgyMkVBQkI5Njk2RkNBQzBEMzg3QjU4NDcACgkQlvysDTh7
WEeLLw/+OVGdUAwXjP40cMJ04rjUp8c6X6LFLKZn2PYArn1EYcI8zrFinFoat8Q1
dgw8ZQ5zA91/DCZN4kC14ilb0j+J6vp5WWa7YgaUVdwTT7StOdpyPAOOyvv7uloS
0EJVpYPUMqYZYQoz1vX5SpXLYMgAS0Iz5h9/svpQc/SgAvHwNRkAy5mvSYWbwyTW
Mh0o+bwlqwXOtCGbHGNI8H/qM7rJxeXvnqtmn9vm43P1byHIs009W9IlX77x3Q5G
EAlmq1vuzIar4S0uB5KUMGtL2BELzAv2UGUh4zCHRBNiq8cCYRLYQ/8ybnv6xZLt
KwI05u+1Ux6BitVzeUDWTjyWNBNexDg+00Y5jnz58nNDGmj6dmovDylNggZtyAVs
Ju+owobZo+yJxBlooiNP/DWndr/TWgUcNclafi40DJiPpiy5CsNROGK2oG1iJzZv
OU9noh+3LPKHIQE5jw2d+DjYtTnPGJkQWCqT2Hz3q9FjQL9ptjaCML8gYVc+7Kpy
3LC+76PBALWvU75Pn0XH6ArSxbzPja+/nHe7v1WUgv2t6E2Fxz5XZ4KiWv0Iwr+t
fEm3d0dIWFmleuOF/NTvqy5Bx+B49Xi7ce2bjObhut4OfAy8xBERyKbTnYrEMO59
XS1Os/onb38vU9d8Xpm/G1KEQ1fLzmkA/1IgFZ2BL37ewFiSsWY=
=Owoz
-----END PGP SIGNATURE-----

Reply to:

Prev by Date: [SECURITY] [DLA 2156-1] e2fsprogs security update
Next by Date: [SECURITY] [DLA 2158-1] ruby2.1 security update
Previous by thread: [SECURITY] [DLA 2156-1] e2fsprogs security update
Next by thread: [SECURITY] [DLA 2158-1] ruby2.1 security update
Index(es):
- Date
- Thread