Source: irssi Version: 1.0.0-1 Severity: normal Tags: patch upstream security
Hi See http://www.openwall.com/lists/oss-security/2017/02/05/8 for details an the patch reference (no CVE is assigned). AFAIC sasl.c is compiled, thus filling the bug since at least affected sourcewise. The second issue is marked as unimportant in the tracker, but if the first one is fixed for stretch it might be good to fix as well the 'missing null terminator' issue. Regards, Salvatore _______________________________________________ Secure-testing-team mailing list [email protected] http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-team
