CVE-2017-8073 weechat remote crash
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
weechat (Debian) |
Fix Released
|
Unknown
|
|||
weechat (Ubuntu) |
Fix Released
|
Undecided
|
Unassigned |
Bug Description
WeeChat before 1.7.1 allows a remote crash by sending a filename via DCC tot he IRC plugin. This occurs in the irc_ctcp_
Fixed in Debian
---------------
weechat (1.7-3) unstable; urgency=medium
.
* Add a patch to fix CVE-2017-8073 which allows a remote crash by
sending a filename via DCC to the IRC plugin (Closes: #861121)
That version was synced to Ubuntu 17.10 Alpha "artful"
References
----------
https:/
https:/
https:/
Testing Done
------------
None
CVE References
description: | updated |
information type: | Public → Public Security |
Changed in weechat (Debian): | |
status: | Unknown → Fix Released |
I used simple version numbers after checking the Ubuntu publishing history. I hope that's not a problem.