Your message dated Sat, 07 Aug 2021 18:02:10 +0000
with message-id <[email protected]>
and subject line Bug#931264: fixed in irssi 1.2.0-2+deb10u1
has caused the Debian Bug report #931264,
regarding irssi: CVE-2019-13045
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact [email protected]
immediately.)
--
931264: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=931264
Debian Bug Tracking System
Contact [email protected] with problems
--- Begin Message ---
Source: irssi
Version: 1.2.0-2
Severity: important
Tags: security upstream
Forwarded: https://github.com/irssi/irssi/pull/1058
Control: found -1 1.0.7-1~deb9u1
Control: found -1 1.0.7-1
Control: found -1 0.8.18-1
Hi,
The following vulnerability was published for irssi.
CVE-2019-13045[0]:
| Irssi before 1.0.8, 1.1.x before 1.1.3, and 1.2.x before 1.2.1, when
| SASL is enabled, has a use after free when sending SASL login to the
| server.
If you fix the vulnerability please also make sure to include the
CVE (Common Vulnerabilities & Exposures) id in your changelog entry.
For further information see:
[0] https://security-tracker.debian.org/tracker/CVE-2019-13045
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13045
[1] https://github.com/irssi/irssi/pull/1058
[2]
https://github.com/irssi/irssi/commit/5a67b983dc97caeb5df1139aabd0bc4f260a47d8
Regards,
Salvatore
--- End Message ---
--- Begin Message ---
Source: irssi
Source-Version: 1.2.0-2+deb10u1
Done: Rhonda D'Vine <[email protected]>
We believe that the bug you reported is fixed in the latest version of
irssi, which is due to be installed in the Debian FTP archive.
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to [email protected],
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Rhonda D'Vine <[email protected]> (supplier of updated irssi package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing [email protected])
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
Format: 1.8
Date: Thu, 29 Jul 2021 14:11:39 +0200
Source: irssi
Binary: irssi irssi-dbgsym irssi-dev irssi-plugin-otr irssi-plugin-otr-dbgsym
Architecture: source amd64
Version: 1.2.0-2+deb10u1
Distribution: buster
Urgency: medium
Maintainer: Rhonda D'Vine <[email protected]>
Changed-By: Rhonda D'Vine <[email protected]>
Description:
irssi - terminal based IRC client
irssi-dev - terminal based IRC client - development files
irssi-plugin-otr - Off-The-Record messaging plugin for Irssi
Closes: 931264
Changes:
irssi (1.2.0-2+deb10u1) buster; urgency=medium
.
* Import upstream security fix for CVE-2019-13045 (closes: #931264)
Checksums-Sha1:
2850a891fa05a73ecf5450d4366c359f40ad5fa4 2265 irssi_1.2.0-2+deb10u1.dsc
28dd5da0d3153b5f19cbe422bc57cae618ab2aff 21992
irssi_1.2.0-2+deb10u1.debian.tar.xz
fcc50e60d5d1ad26eb99549ab8d62acecae7312b 2054896
irssi-dbgsym_1.2.0-2+deb10u1_amd64.deb
714db8bb083a49830c8e2867198ad31d70ece302 509244
irssi-dev_1.2.0-2+deb10u1_amd64.deb
1aa928791393b7a20f41a5b283e138429e030bbe 58676
irssi-plugin-otr-dbgsym_1.2.0-2+deb10u1_amd64.deb
b7ba2cc4866828901814c80ebfa02aa3fe445177 481300
irssi-plugin-otr_1.2.0-2+deb10u1_amd64.deb
cb3555c0cfe8a12ad88e5a5f8fd07c447d1ea9ed 7943
irssi_1.2.0-2+deb10u1_amd64.buildinfo
2fb385c3770e037893b863bad5fd5d805e268357 1176448
irssi_1.2.0-2+deb10u1_amd64.deb
Checksums-Sha256:
0ec5dbec5d3dc46c477ab796ffcaca0a8ef8fde654736261ee1d17abca3f3e09 2265
irssi_1.2.0-2+deb10u1.dsc
fc49b6148a1da5c8acb1383fe8737b47418ce8346c4ff1b1b1bf4ed89161bce6 21992
irssi_1.2.0-2+deb10u1.debian.tar.xz
6bdaaeb0dc5e21dd8835aba1aa06057f4c5e2c2f7387ae2961c25e0c9e5d54fa 2054896
irssi-dbgsym_1.2.0-2+deb10u1_amd64.deb
0f2356a15aa524e61bb82c2f248d523cf80f9a199b46595b7f846934860241ad 509244
irssi-dev_1.2.0-2+deb10u1_amd64.deb
3d1458704c1af340435aa37f9f462cd4075c4308c1f73ebb568d2ec2990a22e5 58676
irssi-plugin-otr-dbgsym_1.2.0-2+deb10u1_amd64.deb
b09c2a3258704a3196a3b4b4f5675890832f3cc4dcbbfe789a92b8dd7ea6a3c9 481300
irssi-plugin-otr_1.2.0-2+deb10u1_amd64.deb
e1c677063398c3aa7d826f320f85894cba1ac2a9122abd63554b84f111bad287 7943
irssi_1.2.0-2+deb10u1_amd64.buildinfo
bcb51501bebb5fdf829f501e0c2d042eebf121fe3f53c6170deb2ed4a7e64c33 1176448
irssi_1.2.0-2+deb10u1_amd64.deb
Files:
eb5871dd825d4692af3250cd742ab8a3 2265 net optional irssi_1.2.0-2+deb10u1.dsc
76e694cc865a22b3adfc25d360ad1fac 21992 net optional
irssi_1.2.0-2+deb10u1.debian.tar.xz
fe919f7f3caa243fcfe099e1d98ac5c9 2054896 debug optional
irssi-dbgsym_1.2.0-2+deb10u1_amd64.deb
29a5cad95dab7a6674c4470b9e4fccd4 509244 net optional
irssi-dev_1.2.0-2+deb10u1_amd64.deb
2774f4e93e25e342720510ae44f72ad6 58676 debug optional
irssi-plugin-otr-dbgsym_1.2.0-2+deb10u1_amd64.deb
9326cd1a709f8de399ecbe2ac795fc18 481300 net optional
irssi-plugin-otr_1.2.0-2+deb10u1_amd64.deb
9c0d5c7a13f50aff74f02c64e43c1b73 7943 net optional
irssi_1.2.0-2+deb10u1_amd64.buildinfo
6099c249624c2ccae576ac64f6a6074a 1176448 net optional
irssi_1.2.0-2+deb10u1_amd64.deb
-----BEGIN PGP SIGNATURE-----
iQIzBAEBCAAdFiEELHLzKO0XByBPs0mU3ugEPuF+uzAFAmECq2QACgkQ3ugEPuF+
uzBo+Q//YbBo6A08SrCxefbphMhn6C32kCSwEi2jF8EnQwJ+wblIUIU7hA1C99Ry
QlJF8raJPZlqheHSBFWh6WpC4191iMoQPwjtoTx2gX2l2tZeswST5Y4BNrs0BcmE
ZlG9MwMuoeE24OHDtunZzkxSiEJFecKnwY5h/MjrcXTOlNoj/NzlpR0q7Wg5qeR1
kQy3baICkTuypileX3+Vl4bo9Za0A16sfwFunvfIKhq0V6xv2wfyGUt3xI12m8cH
xlrBdfxHTnJb7KByPTQkMVSmYPDUZpTWGY74V5ltA5Nn3iYuXBnAw82rc5vd5EWX
MSfhuHztUtzFVw5wXM8J4T2NfcsaOG2t75b3oLnBFFFYbW8i7AEwbko+cUPmjOZj
cqxxkS6ui/F9PFJrW3bb19Fk99vgYd0x6TMA8l9HVTLu3LQV6RCtVqeKWeXOVRmO
2ll2apVGkR9jKsWF8e1ZGS+V0y4xqqepquBdH0Qh1VICvtB95tFE0pEtF9NdW1k5
3hRAS46ym4y6XkdFOioJ6jDwf5RSmniqh2B5LEDHtYm2+NJjiN0pEeHhQyWFH5r4
yzvCme0ejDPUvNN/Lidng/Ul7TBYx3lDJ0nuP9RiGhjnmtQ3BHT4Jjlt/k6yVfS7
zsbyImZVXFnaWt1rJo8hAcGX6m6zCrIXZhRHlfl4sicfVCGpCD8=
=OimJ
-----END PGP SIGNATURE-----
--- End Message ---
