[3.1] irssi: crash and heap corruption vulnerabilites (CVE-2016-7044, CVE-2016-7045)

CVE-2016-7044: Unchecked input in unformat_24bit_color() can lead to crash

CVE-2016-7045: String length not validated in format_send_to_gui() causing crash

Fixed In Version:

irssi 0.8.20

Reference:

https://irssi.org/security/irssi\_sa\_2016.txt

(from redmine: issue id 6214, created on 2016-09-22, closed on 2016-10-25)

Relations:
- parent #6211 (closed)
Changesets:
- Revision 9efd168e on 2016-10-19T08:14:47Z:

main/irssi: security upgrade to 0.8.20 (CVE-2016-7044, CVE-2016-7045)

Fixes #6214

(cherry picked from commit b37c51d94a10eb6d1ef13bb1621230713c178057)

To upload designs, you'll need to enable LFS and have an admin enable hashed storage. More information