-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 - ------------------------------------------------------------------------- Debian LTS Advisory DLA-2770-1 debian-...@lists.debian.org https://www.debian.org/lts/security/ Adrian Bunk September 30, 2021 https://wiki.debian.org/LTS - -------------------------------------------------------------------------
Package : weechat Version : 1.6-1+deb9u3 CVE ID : CVE-2020-8955 CVE-2020-9759 CVE-2020-9760 CVE-2021-40516 Debian Bug : 951289 993803 Several vulnerabilities were fixed in the chat client WeeChat. CVE-2020-8955 A crafted irc message 324 (channel mode) could result in a crash. CVE-2020-9759 A crafted irc message 352 (who) could result in a crash. CVE-2020-9760 A crafted irc message 005 (setting a new mode for a nick) could result in a crash. CVE-2021-40516 A crafted WebSocket frame could result in a crash in the Relay plugin. For Debian 9 stretch, these problems have been fixed in version 1.6-1+deb9u3. We recommend that you upgrade your weechat packages. For the detailed security status of weechat please refer to its security tracker page at: https://security-tracker.debian.org/tracker/weechat Further information about Debian LTS security advisories, how to apply these updates to your system and frequently asked questions can be found at: https://wiki.debian.org/LTS -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEEOvp1f6xuoR0v9F3wiNJCh6LYmLEFAmFVqGIACgkQiNJCh6LY mLFY8A/8DkcAHSFWnHcz1AtjmDqO4jAYR4/lkDXG8tik3OQG9TPdxv/trCPgmI40 7J/Bs4gB7gDPPkbuIA4EHKAM9Vh1w4uP2uWnu/cbYHDnK3ELlBLNOgpdGX+01bQa 0m8Iujyg126/oElKeosEC9TG4NcyFgLBfkeGpAsNFCHu9mDCeKZiuqG/iI07IHu9 DxEo2+8nSFsbyqP6bPuBcTRUm66ZdnJcxoIDfT85xx7PEeSc8tNCqz5PeUAgvxBU qZeJyRQkyj/ED170bdySvdDCbAxr3vwPs1lCjsClZCmHS7UNiYSFvduRt7U3wt1C NEBaNHKzbZQZATcuS27XCecjqv0vn7INhzQis9nAafIpjajBjTV0ytNAKheM/xdJ Q/WtLZuoNL0v0zyihPNgBzp1jTYiM76+gbSLT8YxF9FN/YDdV33uQ7DcK7PS2+9/ yVxtqMofF87Yxg4CeCEgZSYmyqBFf0HJyu+9UFSNyg4FdhjPE4QC4+y7gPjZWlLt jTY7QpAU21jA+sSRbm5Bznhns67sZhE+AaFjC9SM0DvJBpNFLB0SIi/IWeo3ZLUJ MduWosNHHPQdTyMn600qJlBa2yO+HSmV4Rfa1CGHLF07TA3tGgLviEsoXG9SbmdE 2CKN+CMBhWGJOi9iym+++x3HZTQ9DciUxuvo6u31Tq1RqZIrYog= =ZSvB -----END PGP SIGNATURE-----