From aa3679cf00f9a46c1c2584f35dc955787d25c8ea Mon Sep 17 00:00:00 2001
From: Ailin Nemui
Date: Sat, 6 Jan 2018 15:06:19 +0100
Subject: Release Irssi 1.0.6
---
 _data/security.yml | 36 ++++++++++++++++++++++++++++++++++++
 1 file changed, 36 insertions(+) (limited to '_data/security.yml')
diff --git a/_data/security.yml b/_data/security.yml
index e16eb67..49671b0 100644
--- a/_data/security.yml
+++ b/_data/security.yml
@@ -321,3 +321,39 @@
 fixed_version: 1.0.5
 credit: 'Joseph Bisch'
 description: 'Read beyond end of buffer may occur if a Safe channel ID is not long enough'
+-
+ name: IRSSI-SA-2018-01
+ release_date: 2018-01-07
+ bugs:
+ -
+ cve: CVE-2018-5206
+ exploitable_by: server
+ affected_versions:
+ to: 1.0.5
+ fixed_version: 1.0.6
+ credit: 'Joseph Bisch'
+ description: 'When the channel topic is set without specifying a sender, Irssi may dereference NULL pointer.'
+ -
+ cve: CVE-2018-5205
+ exploitable_by: formats
+ affected_versions:
+ to: 1.0.5
+ fixed_version: 1.0.6
+ credit: 'Joseph Bisch'
+ description: 'When using incomplete escape codes, Irssi may access data beyond the end of the string.'
+ -
+ cve: CVE-2018-5208
+ exploitable_by: server
+ affected_versions:
+ to: 1.0.5
+ fixed_version: 1.0.6
+ credit: 'Joseph Bisch'
+ description: 'A calculation error in the completion code could cause a heap buffer overflow when completing certain strings.'
+ -
+ cve: CVE-2018-5207
+ exploitable_by: formats
+ affected_versions:
+ to: 1.0.5
+ fixed_version: 1.0.6
+ credit: 'Joseph Bisch'
+ description: 'When using an incomplete variable argument, Irssi may access data beyond the end of the string.'
-- cgit v1.2.3
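Review bot: The added `to: 1.0.5` and `fixed_version: 1.0.6` values are unquoted, so their type depends on the parser's implicit typing: three-component versions load as strings, but a two-component value such as `1.1` in a later entry would load as a float. Quoting them, e.g. `fixed_version: '1.0.6'` and `to: '1.0.5'`, keeps every entry a string for whatever template prints or compares them; the context line `fixed_version: 1.0.5` suggests existing entries share the convention, so this may be better done file-wide. Each `affected_versions` block also gives only an upper bound, so a reader cannot tell from this data whether all earlier releases are affected; if the schema has a lower-bound key, stating it would help people triaging old installs. The hunk opens inside the previous advisory entry, which starts outside the hunk.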