---
name: IRSSI-SA-2017-07
release_date: 2017-07-07
git_commit: 5e26325317c72a04c1610ad952974e206384d291
bugs:
  -
    cve: CVE-2017-10965
    exploitable_by: server
    affected_versions:
      to: 1.0.3
    fixed_version: 1.0.4
    credit: Brian 'geeknik' Carpenter of Geeknik Labs
    description: 'NULL pointer dereference when receiving messages with invalid timestamp'
    description_long: >
      When receiving messages with invalid time stamps, Irssi would try
      to dereference a NULL pointer. Found by Brian 'geeknik' Carpenter
      of Geeknik Labs. (CWE-690)
    impact: >
      May result in denial of service (remote crash).
    mitigating_info: >
      requires control over the ircd
  -
    cve: CVE-2017-10966
    exploitable_by: client
    affected_versions:
      to: 1.0.3
    fixed_version: 1.0.4
    credit: Brian 'geeknik' Carpenter of Geeknik Labs
    description: 'Use after free after nicklist structure has been corrupted while updating a nick group'
    description_long: >
      While updating the internal nick list, Irssi may incorrectly use
      the GHashTable interface and free the nick while updating it. This
      will then result in use-after-free conditions on each access of
      the hash table. Found by Brian 'geeknik' Carpenter of Geeknik
      Labs. (CWE-416 caused by CWE-227)
    impact: >
      Undefined behaviour.
    mitigating_info: >
      should not happen with a conforming ircd
recommended_action: >
  Upgrade to Irssi 1.0.4. Irssi 1.0.4 is a maintenance release in the
  1.0 series, without any new features.

  After installing the updated packages, one can issue the /upgrade
  command to load the new binary. TLS connections will require
  /reconnect.

---