Package: release.debian.org Severity: normal Tags: jessie User: release.debian....@packages.debian.org Usertags: pu
Hi, after the security update of irssi another report came in about a script included in irssi, buf.pl. If it's loaded and an /upgrade of irssi is done the current buffer content is written to a temporary file which didn't use tightly secured file permissions to temporarily store the buffer content for re-reading it after re-execing irssi. The patch that upstream provides is this: https://github.com/irssi/scripts.irssi.org/commit/f1b1eb154baa684fad5d65bf4dff79c8ded8b65a I uploaded it to unstable already and would like to push it to stable, too. Thanks in advance, Rhonda -- System Information: Debian Release: stretch/sid APT prefers testing APT policy: (500, 'testing') Architecture: amd64 (x86_64) Foreign Architectures: i386 Kernel: Linux 4.6.0-1-amd64 (SMP w/2 CPU cores) Locale: LANG=de_AT.UTF-8, LC_CTYPE=de_AT.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash Init: systemd (via /run/systemd/system)