Change logs for irssi source package in Buster
-
irssi (1.2.0-2+deb10u1) buster; urgency=medium * Import upstream security fix for CVE-2019-13045 (closes: #931264) -- Rhonda D'Vine <email address hidden> Thu, 29 Jul 2021 14:11:39 +0200
-
irssi (1.2.0-2) unstable; urgency=medium [ Rhonda D'Vine ] * Install otr help file also in irssi-plugin-otr package (closes: #922145) * Add NEWS.Debian entry about the upgrade path for the stored OTR data. * New patch 99fix-big-endian-64bit-test pulled from upstream. [ Unit 193 ] * Remove the now-empty dh_strip override. -- Rhonda D'Vine <email address hidden> Tue, 12 Feb 2019 21:59:00 +0100
-
irssi (1.1.2-1) unstable; urgency=high [ Daniel Kahn Gillmor ] * irssi Provides: irssi-abi-XXX for safer plugin packaging (Closes: #811445) [ Rhonda D'Vine ] * Bump Standards-Version to 4.2.1. * New upstream bugfix release, fixing CVE-2019-5882 (closes: #918865) -- Rhonda D'Vine <email address hidden> Fri, 21 Sep 2018 16:57:51 +0200
-
irssi (1.1.1-1) unstable; urgency=medium [ Rhonda D'Vine ] * New upstream release. * Uploaded from mIRC. * Adjust 03firsttimer_text patch for new location of the text. * Update copyright format URL to use https. * Install example scripts. * Bump Standards-Version to 4.1.4. * Move repository to salsa, update Vcs-* URLs. [ Unit 193 ] * Use https for upstream homepage. * /connect OFTC instead of irc.debian.org to get an ssl connection. -- Rhonda D'Vine <email address hidden> Wed, 25 Jul 2018 10:09:40 +0800
-
irssi (1.0.7-1) unstable; urgency=high * New upstream bugfix release (closes: #886475): From 1.0.6: - Fix invalid memory access when reading hilight configuration (#787, #788). - Fix null pointer dereference when the channel topic is set without specifying a sender [CVE-2018-5206] - Fix return of random memory when using incomplete escape codes [CVE-2018-5205] - Fix heap buffer overflow when completing certain strings [CVE-2018-5208] - Fix return of random memory when using an incomplete variable argument [CVE-2018-5207] From 1.0.7: - Prevent use after free error during the execution of some commands. Found by Joseph Bisch [CVE-2018-7054] (closes: #890674) - Revert netsplit print optimisation due to crashes - Fix use after free when SASL messages are received in unexpected order [CVE-2018-7053] (closes: #890675) - Fix null pointer dereference in the tab completion when an empty nick is joined [CVE-2018-7050] (closes: #890678) - Fix use after free when entering oper password - Fix null pointer dereference when too many windows are opened [CVE-2018-7052] (closes: #890676) - Fix out of bounds access in theme strings when the last escape is incomplete. Credit to Oss-Fuzz [CVE-2018-7051] (closes: #890677) - Fix out of bounds write when using negative counts on window resize - Minor help correction. By William Jackson * Fix watch URL. * Bump to debhelper compat 11, remove autotools-dev Build-Depends. * Bump Standards-Version to 4.1.3. * Add lintian overrides for the spelling of "hilight" in the changelog mentioning the lintian overrides for the spelling of "hilight" in irssi itself. -- Rhonda D'Vine <email address hidden> Tue, 06 Mar 2018 14:42:44 +0100
-
irssi (1.0.5-1) unstable; urgency=high * New upstream bugfix release (closes: #879521): - Fix missing -sasl_method '' in /NETWORK. - Fix incorrect restoration of term state when hitting SUSP inside screen. - Fix out of bounds read when compressing colour sequences. Found by Hanno Böck. [CVE-2017-15228] - Fix use after free condition during a race condition when waiting on channel sync during a rejoin [CVE-2017-15227] - Fix null pointer dereference when parsing certain malformed CTCP DCC messages. [CVE-2017-15721] - Fix crash due to null pointer dereference when failing to split messages due to overlong nick or target. [CVE-2017-15723] - Fix out of bounds read when trying to skip a safe channel ID without verifying that the ID is long enough. [CVE-2017-15722] - Fix return of random memory when inet_ntop failed. - Minor statusbar help update. * Remove deprecated --with autotools_dev call to dh. * Bump Standards-Version to 4.1.1. * Change priority of irssi-dev from deprecated extra to optional. * Use pkg-info.mk in debian/rules instead of calling dpkg-parsechangelog directly. -- Rhonda D'Vine <email address hidden> Mon, 06 Nov 2017 16:24:38 +0100
-
irssi (1.0.4-1) unstable; urgency=high * New upstream bugfix release (closes: #867598): - Fix null pointer dereference when parsing invalid timestamp. Reported by Brian 'geeknik' Carpenter. [CVE-2017-10965] - Fix use-after-free condition when removing nicks from the internal nicklist. Reported by Brian 'geeknik' Carpenter. [CVE-2017-10966] - Fix incorrect string comparison in DCC file names. - Fix regression in Irssi 1.0.3 where it would claim "Invalid time '-1'". - Fix a bug when using \n to separate lines with expand_escapes. - Retain screen output on improper exit, to better see any error messages. - Minor help update. -- Rhonda D'Vine <email address hidden> Tue, 11 Jul 2017 07:17:19 +0200