Security update for irssi (moderate)

2021-04-2300:00:00

lists.opensuse.org

irssi

security update

utf8

compilation

memory leak

tls flag

crash

sasl

colour

layout

bounds calculation

null pointer

rendering

lastlog

suse

opensuse

patch

update

installation

yast

zypper

backports

sle-15-sp2

arm

solaris

oss-fuzz

misty de m��o

JSON

An update that contains security fixes can now be installed.

Description:

This update for irssi fixes the following issues:

irssi was updated to 1.2.3 (boo#1184848)

Fix the compilation of utf8proc (#1021)
Fix wrong call to free. By Zero King (#1076)
Fix a colour reset in true colour themes when encountering mIRC colours
(#1059)
Fix memory leak on malformed CAP requests (#1120)
Fix an erroneous free of SASL data. Credit to Oss-Fuzz (#1128, #1130)
Re-set the TLS flag when reconnecting (#1027, #1134)
Fix the scrollback getting stuck after /clear (#1115, #1136)
Fix the input of Ctrl+C as the first character (#1153, #1154)
Fix crash on quit during unloading of modules on certain platforms
(#1167)
Fix Irssi freezing input after Ctrl+Space on GLib >2.62 (#1180, #1183)
Fix layout of IDCHANs. By Lauri Tirkkonen (#1197)
Fix crash when server got reconnected before it was properly connected
(#1210, #1211)
Fix multiple identical active caps (#1249)
Minor help corrections (#1156, #1213, #1214, #1255)
Remove erroneous colour in the colorless theme. Reported and fixed by
Nutchanon Wetchasit (#1220, #1221)
Fix invalid bounds calculation when editing the text entry. Found and
fixed by Sergey Valentey (#1269)
Fix passing of negative size in buffer writes. Found and fixed by Sergey
Valentey (#1270)
Fix Irssi freezing on slow hardware and fast DCC transfers (#159, #1271)
Fix compilation on Solaris (#1291)
Fix null pointer dereference when receiving broken JOIN record. Credit
to Oss-Fuzz (#1292)
Fix crash on /connect to some sockets (#1239, #1298)
Fix Irssi rendering on Apple ARM. By Misty De M��o (#1267, #1268, #1290)
Fix crash on /lastlog with broken lines (#1281, #1299)
Fix memory leak when receiving bogus SASL authentication data. Found and
fixed by Sergey Valentey (#1293)

This update was imported from the openSUSE:Leap:15.2:Update update project.

Patch Instructions:

To install this openSUSE Security Update use the SUSE recommended installation methods
like YaST online_update or “zypper patch”.

Alternatively you can run the command listed for your product:

openSUSE Backports SLE-15-SP2:

zypper in -t patch openSUSE-2021-595=1

OSVersionArchitecturePackageVersionFilename
openSUSE Backports SLE15-SP2aarch64- opensuse backports sle< 15-SP2 (aarch64 ppc64le s390x x86_64):- openSUSE Backports SLE-15-SP2 (aarch64 ppc64le s390x x86_64):.aarch64.rpm
openSUSE Backports SLE15-SP2ppc64le- opensuse backports sle< 15-SP2 (aarch64 ppc64le s390x x86_64):- openSUSE Backports SLE-15-SP2 (aarch64 ppc64le s390x x86_64):.ppc64le.rpm
openSUSE Backports SLE15-SP2s390x- opensuse backports sle< 15-SP2 (aarch64 ppc64le s390x x86_64):- openSUSE Backports SLE-15-SP2 (aarch64 ppc64le s390x x86_64):.s390x.rpm
openSUSE Backports SLE15-SP2x86_64- opensuse backports sle< 15-SP2 (aarch64 ppc64le s390x x86_64):- openSUSE Backports SLE-15-SP2 (aarch64 ppc64le s390x x86_64):.x86_64.rpm

OS	Version	Architecture	Package	Version	Filename
openSUSE Backports SLE	15-SP2	aarch64	- opensuse backports sle	< 15-SP2 (aarch64 ppc64le s390x x86_64):	- openSUSE Backports SLE-15-SP2 (aarch64 ppc64le s390x x86_64):.aarch64.rpm
openSUSE Backports SLE	15-SP2	ppc64le	- opensuse backports sle	< 15-SP2 (aarch64 ppc64le s390x x86_64):	- openSUSE Backports SLE-15-SP2 (aarch64 ppc64le s390x x86_64):.ppc64le.rpm
openSUSE Backports SLE	15-SP2	s390x	- opensuse backports sle	< 15-SP2 (aarch64 ppc64le s390x x86_64):	- openSUSE Backports SLE-15-SP2 (aarch64 ppc64le s390x x86_64):.s390x.rpm
openSUSE Backports SLE	15-SP2	x86_64	- opensuse backports sle	< 15-SP2 (aarch64 ppc64le s390x x86_64):	- openSUSE Backports SLE-15-SP2 (aarch64 ppc64le s390x x86_64):.x86_64.rpm

JSON