[Secure-testing-team] Bug#855108: irssi: memory leak
Salvatore Bonaccorso
carnil at debian.org
Tue Feb 14 09:28:42 UTC 2017
Source: irssi
Version: 1.0.0-1
Severity: normal
Tags: patch upstream security
Hi
See http://www.openwall.com/lists/oss-security/2017/02/05/8 for
details an the patch reference (no CVE is assigned). AFAIC sasl.c is
compiled, thus filling the bug since at least affected sourcewise.
The second issue is marked as unimportant in the tracker, but if the
first one is fixed for stretch it might be good to fix as well the
'missing null terminator' issue.
Regards,
Salvatore
More information about the Secure-testing-team
mailing list