Package: irssi Version: 1.0.1-1 Severity: important "Irssi 1.0.2 has been released. This release fixes a remote crash issue in Irssi 1.0 as well as a few bug fixes, the most notable a regression that broke incoming DCC file transfers. T here are no new features. All Irssi 1.0 users should upgrade to this version." - https://irssi.org/2017/03/11/irssi-1.0.2-released/
"Use after free while producing list of netjoins (CWE-416) This issue usually leads to segmentation faults. Targeted code execution should be difficult. We believe Irssi 0.8.21 and prior are not affected since a different code path causes the netjoins to be flushed prior to reaching the use after free condition." - https://irssi.org/security/irssi_sa_2017_03.txt Thus stretch/sid (version 1.0.1-1) and jessie-backports (1.0.0-1~bpo8+1) are affected but jessie (0.8.17-1+deb8u3) is not
