[3.11] irssi: Use after free when sending SASL login to the server (CVE-2019-13045)
Irssi before 1.0.8, 1.1.x before 1.1.3, and 1.2.x before 1.2.1, when
SASL is enabled,
has a use after free when sending SASL login to the server.
Fixed In Version:
Irssi 1.0.8, 1.1.3, 1.2.1
References:
https://irssi.org/security/irssi\_sa\_2019\_06.txt
https://www.openwall.com/lists/oss-security/2019/06/29/1
(from redmine: issue id 10654, created on 2019-07-04, closed on 2019-07-04)
- Relations:
- parent #10653 (closed)
- Changesets:
- Revision a95d7efd by Natanael Copa on 2019-07-04T10:36:31Z:
main/irssi: security upgrade to 1.2.1 (CVE-2019-13045)
fixes #10654
To upload designs, you'll need to enable LFS and have admin enable hashed storage. More information