[Bug 1686478] Re: CVE-2017-8073 weechat remote crash

Launchpad Bug Tracker Thu, 27 Apr 2017 19:45:55 -0700

This bug was fixed in the package weechat - 0.4.2-3ubuntu0.1

---------------
weechat (0.4.2-3ubuntu0.1) trusty-security; urgency=medium


  * SECURITY UPDATE: remote buffer overflow crash by sending a filename
    via DCC to the IRC plugin (LP: #1686478)
    - debian/patches/03_fix_CVE-2017-8073.patch: Fix quote removal in
      irc_ctcp_dcc_filename_without_quotes function in
      src/plugins/irc/irc-ctcp.c. Patch from 1.7.1 via Debian.
    - CVE-2017-8073

 -- Jeremy Bicha <[email protected]>  Wed, 26 Apr 2017 14:10:49 -0400

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1686478

Title:
   CVE-2017-8073 weechat remote crash

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/weechat/+bug/1686478/+subscriptions

-- 
ubuntu-bugs mailing list
[email protected]
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 1686478] Re: CVE-2017-8073 weechat remote crash

Reply via email to