Security update for irssi SUSE Patch security@suse.de SUSE Security Team openSUSE-SU-2019:1894-1 Final 1 1 2019-08-14T15:32:02Z current 2019-08-14T15:32:02Z 2019-08-14T15:32:02Z cve-database/bin/generate-cvrf.pl 2017-02-24T01:00:00Z Security update for irssi This update for irssi fixes the following issues: irssi was updated to 1.1.3: - CVE-2019-13045: Fix a use after free issue when sending the SASL login on (automatic and manual) reconnects (#1055, #1058) (boo#1139802) - Fix regression of #779 where autolog_ignore_targets would not matching itemless windows anymore (#1012, #1013) This update was imported from the openSUSE:Leap:15.1:Update update project. The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). openSUSE-2019-1894 Copyright SUSE LLC under the Creative Commons License 4.0 with Attribution (CC-BY-4.0) https://lists.opensuse.org/opensuse-security-announce/2019-08/msg00030.html E-Mail link for openSUSE-SU-2019:1894-1 https://www.suse.com/support/security/rating/ SUSE Security Ratings https://bugzilla.suse.com/1139802 SUSE Bug 1139802 https://www.suse.com/security/cve/CVE-2019-13045/ SUSE CVE CVE-2019-13045 page SUSE Package Hub 15 SP1 irssi-1.1.3-bp151.3.3.3 irssi-devel-1.1.3-bp151.3.3.3 irssi-1.1.3-bp151.3.3.3 as a component of SUSE Package Hub 15 SP1 irssi-devel-1.1.3-bp151.3.3.3 as a component of SUSE Package Hub 15 SP1 Irssi before 1.0.8, 1.1.x before 1.1.3, and 1.2.x before 1.2.1, when SASL is enabled, has a use after free when sending SASL login to the server. CVE-2019-13045 SUSE Package Hub 15 SP1:irssi-1.1.3-bp151.3.3.3 SUSE Package Hub 15 SP1:irssi-devel-1.1.3-bp151.3.3.3 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://lists.opensuse.org/opensuse-security-announce/2019-08/msg00030.html https://www.suse.com/security/cve/CVE-2019-13045.html CVE-2019-13045 https://bugzilla.suse.com/1139802 SUSE Bug 1139802