CVE-2018-5207

Priority
Medium
Description
When using an incomplete variable argument, Irssi before 1.0.6 may access
data beyond the end of the string.
References
Bugs
Notes
 ratliff> GL#18, GL!28
Assigned-to
mdeslaur
Package
Source: irssi (LP Ubuntu Debian)
Upstream:needs-triage
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 LTS (Trusty Tahr):released (0.8.15-5ubuntu3.4)
Ubuntu 16.04 LTS (Xenial Xerus):released (0.8.19-1ubuntu1.6)
Ubuntu 17.10 (Artful Aardvark):released (1.0.4-1ubuntu2.2)
Ubuntu 18.04 LTS (Bionic Beaver):released (1.0.5-1ubuntu2)
Patches:
Upstream:https://github.com/irssi/irssi/commit/cf70fcd4b9b035e600462e8e5fa895c82741e721
More Information

Updated: 2018-01-16 13:14:40 UTC (commit 14011)