---
name: IRSSI-SA-2017-06
release_date: 2017-06-06
git_commit: fb08fc7f1aa6b2e616413d003bf021612301ad55
bugs:
  -
    cve: CVE-2017-9468
    exploitable_by: server
    affected_versions:
      to: 1.0.2
    fixed_version: 1.0.3
    credit: 'Joseph Bisch'
    description: 'NULL pointer dereference when receiving a DCC message without source nick/host'
    description_long: >
      When receiving a DCC message without source nick/host, Irssi would
      attempt to dereference a NULL pointer. Found by Joseph
      Bisch. (CWE-690)
    impact: >
      May result in denial of service (remote crash).
    mitigating_info: >
      requires control over the ircd
  -
    cve: CVE-2017-9469
    exploitable_by: client
    affected_versions:
      to: 1.0.2
    fixed_version: 1.0.3
    credit: 'Joseph Bisch'
    description: 'Out of bounds read when parsing incorrectly quoted DCC files'
    description_long: >
      When receiving certain incorrectly quoted DCC files, Irssi would
      try to find the terminating quote one byte before the allocated
      memory. Found by Joseph Bisch. (CWE-129, CWE-127)
    impact: >
      May result in denial of service (remote crash), but in practice
      this seems to be very unlikely unless address sanitizer is
      enabled.
recommended_action: >
  Upgrade to Irssi 1.0.3. Irssi 1.0.3 is a maintenance release in the
  1.0 series, without any new features.

  After installing the updated packages, one can issue the /upgrade
  command to load the new binary. TLS connections will require
  /reconnect.
---