Package: irssi
Version: 1.2.0-2.1
Severity: normal

Dear Maintainer,

Today, I ran across a problem in irssi - for me, it manifested as /reload
causing my SASL connections to fail auth on (re)connects until I restarted
irssi.

The problem turns out to be a use-after-free in the SASL handling code; the
fix[1] is in 1.2.1 and newer, but it'd be nice if people using buster
weren't stuck with this until they upgraded.

(Never mind the slightly off Version string; I quickly shoved the patch from
1058 into the package and rebuilt it to confirm the problem went away.)

- Rich

[1] - https://github.com/irssi/irssi/pull/1058

-- System Information:
Debian Release: 10.9
  APT prefers stable
  APT policy: (1000, 'stable'), (900, 'testing-debug'), (900, 'testing'), (800, 'unstable-debug'), (800, 'unstable'), (500, 'stable-updates'), (500, 'stable-debug'), (500, 'proposed-updates-debug'), (1, 'experimental')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 4.19.0-16-amd64 (SMP w/16 CPU cores)
Kernel taint flags: TAINT_PROPRIETARY_MODULE, TAINT_OOT_MODULE, TAINT_UNSIGNED_MODULE
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8), LANGUAGE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled

Versions of packages irssi depends on:
ii  libc6                       2.28-10
ii  libglib2.0-0                2.58.3-2+deb10u2
ii  libperl5.28                 5.28.1-6+deb10u1
ii  libssl1.1                   1.1.1d-0+deb10u6
ii  libtinfo6                   6.1+20181013-2+deb10u2
ii  perl                        5.28.1-6+deb10u1
ii  perl-base [perlapi-5.28.1]  5.28.1-6+deb10u1

irssi recommends no packages.

Versions of packages irssi suggests:
pn  irssi-scripts  <none>

-- no debconf information
