openSUSE-SU-2021:0587-1: moderate: Security update for irssi
openSUSE Security Update: Security update for irssi
______________________________________________________________________________
Announcement ID: openSUSE-SU-2021:0587-1
Rating: moderate
References: #1184848
Affected Products:
openSUSE Leap 15.2
______________________________________________________________________________
An update that contains security fixes can now be installed.
Description:
This update for irssi fixes the following issues:
irssi was updated to 1.2.3 (boo#1184848)
- Fix the compilation of utf8proc (#1021)
- Fix wrong call to free. By Zero King (#1076)
- Fix a colour reset in true colour themes when encountering mIRC colours
(#1059)
- Fix memory leak on malformed CAP requests (#1120)
- Fix an erroneous free of SASL data. Credit to Oss-Fuzz (#1128, #1130)
- Re-set the TLS flag when reconnecting (#1027, #1134)
- Fix the scrollback getting stuck after /clear (#1115, #1136)
- Fix the input of Ctrl+C as the first character (#1153, #1154)
- Fix crash on quit during unloading of modules on certain platforms
(#1167)
- Fix Irssi freezing input after Ctrl+Space on GLib >2.62 (#1180, #1183)
- Fix layout of IDCHANs. By Lauri Tirkkonen (#1197)
- Fix crash when server got reconnected before it was properly connected
(#1210, #1211)
- Fix multiple identical active caps (#1249)
- Minor help corrections (#1156, #1213, #1214, #1255)
- Remove erroneous colour in the colorless theme. Reported and fixed by
Nutchanon Wetchasit (#1220, #1221)
- Fix invalid bounds calculation when editing the text entry. Found and
fixed by Sergey Valentey (#1269)
- Fix passing of negative size in buffer writes. Found and fixed by Sergey
Valentey (#1270)
- Fix Irssi freezing on slow hardware and fast DCC transfers (#159, #1271)
- Fix compilation on Solaris (#1291)
- Fix null pointer dereference when receiving broken JOIN record. Credit
to Oss-Fuzz (#1292)
- Fix crash on /connect to some sockets (#1239, #1298)
- Fix Irssi rendering on Apple ARM. By Misty De M??o (#1267, #1268, #1290)
- Fix crash on /lastlog with broken lines (#1281, #1299)
- Fix memory leak when receiving bogus SASL authentication data. Found and
fixed by Sergey Valentey (#1293)
Patch Instructions:
To install this openSUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Leap 15.2:
zypper in -t patch openSUSE-2021-587=1
Package List:
- openSUSE Leap 15.2 (x86_64):
irssi-1.2.3-lp152.3.3.1
irssi-debuginfo-1.2.3-lp152.3.3.1
irssi-debugsource-1.2.3-lp152.3.3.1
irssi-devel-1.2.3-lp152.3.3.1
References:
https://bugzilla.suse.com/1184848
A irssi security update has been released for openSUSE Leap 15.2.
