diff options
author | Peter Korsgaard <peter@korsgaard.com> | 2017-01-06 12:10:30 +0100 |
---|---|---|
committer | Peter Korsgaard <peter@korsgaard.com> | 2017-01-06 17:07:11 +0100 |
commit | 8528edfb3b3f6ee826c2339696c4c79c8ba5c938 (patch) | |
tree | ca4e34f233ceb6337ca1f2ce5d3bf51dcf73c54c /package/irssi | |
parent | 444253ef6e1d92740a27fed97801f11309e2bb62 (diff) | |
download | buildroot-8528edfb3b3f6ee826c2339696c4c79c8ba5c938.tar.gz buildroot-8528edfb3b3f6ee826c2339696c4c79c8ba5c938.zip |
irssi: security bump to 0.8.21
Bugfixes:
- CVE-2017-5193: Correct a NULL pointer dereference in the nickcmp function
found by Joseph Bisch (GL#1)
- CVE-2017-5194: Correct an error when receiving invalid nick message (GL#4,
#466)
- CVE-2017-5195: Correct an out of bounds read in certain incomplete control
codes found by Joseph Bisch (GL#2)
- CVE-2017-5196: Correct an out of bounds read in certain incomplete
character sequences found by Hanno Böck and independently by J. Bisch
(GL#3)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Diffstat (limited to 'package/irssi')
-rw-r--r-- | package/irssi/irssi.hash | 2 | ||||
-rw-r--r-- | package/irssi/irssi.mk | 2 |
2 files changed, 2 insertions, 2 deletions
diff --git a/package/irssi/irssi.hash b/package/irssi/irssi.hash index 33b2d0e1d8..b1048bf8f5 100644 --- a/package/irssi/irssi.hash +++ b/package/irssi/irssi.hash @@ -1,2 +1,2 @@ # Locally calculated after checking pgp signature -sha256 7882c4e821f5aac469c5e69e69d7e235f4986101285c675e81a9a95bfb20505a irssi-0.8.20.tar.xz +sha256 e433063b8714dcf17438126902c9a9d5c97944b3185ecd0fc5ae25c4959bf35a irssi-0.8.21.tar.xz diff --git a/package/irssi/irssi.mk b/package/irssi/irssi.mk index 0fb6fc792d..e467f89890 100644 --- a/package/irssi/irssi.mk +++ b/package/irssi/irssi.mk @@ -4,7 +4,7 @@ # ################################################################################ -IRSSI_VERSION = 0.8.20 +IRSSI_VERSION = 0.8.21 IRSSI_SOURCE = irssi-$(IRSSI_VERSION).tar.xz # Do not use the github helper here. The generated tarball is *NOT* the # same as the one uploaded by upstream for the release. |