Hello community, here is the log from the commit of package irssi for openSUSE:Factory checked in at 2018-01-07 17:23:24 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/irssi (Old) and /work/SRC/openSUSE:Factory/.irssi.new (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "irssi" Sun Jan 7 17:23:24 2018 rev:48 rq:562174 version:1.0.6 Changes: -------- --- /work/SRC/openSUSE:Factory/irssi/irssi.changes 2017-10-23 16:52:56.529666656 +0200 +++ /work/SRC/openSUSE:Factory/.irssi.new/irssi.changes 2018-01-07 17:23:28.155380585 +0100 @@ -1,0 +2,15 @@ +Sat Jan 6 13:47:12 UTC 2018 - ailin.ne...@gmail.com + +- update to 1.0.6 + - Fix invalid memory access when reading hilight configuration + (#787, #788). + - Fix null pointer dereference when the channel topic is set + without specifying a sender (GL#20, GL!25). CVE-2018-5206 + - Fix return of random memory when using incomplete escape + codes (GL#21, GL!26). CVE-2018-5205 + - Fix heap buffer overflow when completing certain strings + (GL#19, GL!27). CVE-2018-5208 + - Fix return of random memory when using an incomplete + variable argument (GL#18, GL!28). CVE-2018-5207 + +------------------------------------------------------------------- Old: ---- irssi-1.0.5.tar.xz irssi-1.0.5.tar.xz.asc New: ---- irssi-1.0.6.tar.xz irssi-1.0.6.tar.xz.asc ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ irssi.spec ++++++ --- /var/tmp/diff_new_pack.OrRpG4/_old 2018-01-07 17:23:28.811349838 +0100 +++ /var/tmp/diff_new_pack.OrRpG4/_new 2018-01-07 17:23:28.815349650 +0100 @@ -1,7 +1,7 @@ # # spec file for package irssi # -# Copyright (c) 2017 SUSE LINUX GmbH, Nuernberg, Germany. +# Copyright (c) 2018 SUSE LINUX GmbH, Nuernberg, Germany. # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed @@ -18,7 +18,7 @@ %bcond_with socks Name: irssi -Version: 1.0.5 +Version: 1.0.6 Release: 0 # Summary: Modular, Secure, and Well Designed IRC Client ++++++ irssi-1.0.5.tar.xz -> irssi-1.0.6.tar.xz ++++++ diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/irssi-1.0.5/ChangeLog new/irssi-1.0.6/ChangeLog --- old/irssi-1.0.5/ChangeLog 2017-10-20 17:16:49.000000000 +0200 +++ new/irssi-1.0.6/ChangeLog 2018-01-05 00:07:44.000000000 +0100 @@ -1,42 +1,80 @@ -commit 7a770022be9a77aeda7af4b7090fb780a23c3b4e +commit fe6e377beb57a11ce47683055834722e0ed6ba2b +Author: ailin-nemui <ailin-ne...@users.noreply.github.com> +Date: Fri Jan 5 00:04:58 2018 +0100 + + tag as 1.0.6 + +commit cacb48e4f458bc419ae90c5f2f219dacf769a814 +Author: ailin-nemui <ailin-ne...@users.noreply.github.com> +Date: Tue Nov 14 08:50:06 2017 +0100 + + Merge pull request #788 from LemonBoy/fix-787 + + Keep a copy of the strings coming from the config + + (cherry picked from commit 933fac7e9d4d1cea93887cb38bab51c938a8c687) + +commit aea58025194811d9a92ad7a8d708476e43a4816e +Author: Nei <ailin.ne...@gmail.com> +Date: Thu Jan 4 22:29:29 2018 +0000 + + Merge branch 'security' into 'master' + + Security + + Closes GL#18, GL#19, GL#20, GL#21 + + See merge request irssi/irssi!29 + + (cherry picked from commit 9df3d92598108b6e68fcc5521cd1fab8462d7ec5) + +commit b00b45cf2181a8d40817b000c9a851ce4469d0b5 Author: ailin-nemui <ailin-ne...@users.noreply.github.com> Date: Fri Oct 20 17:15:30 2017 +0200 tag as 1.0.5 -commit eef318301421b0ade7f184543f7165df583744c2 +commit 11f0d046dee47c1965eeeab21faf9219b8144a98 Author: ailin-nemui <ailin-ne...@users.noreply.github.com> Date: Fri Oct 13 17:14:47 2017 +0200 Merge pull request #769 from horgh/horgh/error-check-server-connect Set host to an empty string on error + + (cherry picked from commit 437fbef6eb8f605320841cba119d3abbb3571a75) -commit 404eb0995e3b3ac87d59430250644827a421ed23 +commit 2d0f7bcc5072ca5df1e02797119706c3a60a2f3f Author: ailin-nemui <ailin-ne...@users.noreply.github.com> Date: Sun Oct 8 18:50:19 2017 +0200 Merge pull request #763 from rbisewski/master Improvements to statusbar documentation and help text. + + (cherry picked from commit 016fd344362ddcc4b1a0781df9ac2416acc54e69) -commit dd53f3fc9601e3d6a07dffe85b985f309a4e87a1 +commit d2bfd44c16a10888a88ee3676a514c474c91c902 Author: ailin-nemui <ailin-ne...@users.noreply.github.com> Date: Thu Aug 10 16:49:32 2017 +0200 Merge pull request #737 from ailin-nemui/fix-733 Revert "Merge pull request #452 from LemonBoy/terminfo-cup" + + (cherry picked from commit 13471013f31be1e2f459dfce9bc7425800b2824b) -commit d2ccea03d4bc7dd76b5cdf2df64e2416858fe014 +commit 32d0daf87e7b59e473a78494cf6bdf8c89a48174 Author: ailin-nemui <ailin-ne...@users.noreply.github.com> Date: Wed Jul 26 10:57:05 2017 +0200 Merge pull request #719 from LemonBoy/sasl-disable-none Setting sasl_mechanism to '' disables the auth + + (cherry picked from commit 7b97edf9d1de8c270e4482c85d142303e07525c9) -commit 43e44d553d44e313003cee87e6ea5e24d68b84a1 +commit 29f0ed96d55448f8baad21af6f2b1efdcbbd7000 Author: Nei <ailin.ne...@gmail.com> Date: Fri Oct 20 13:31:26 2017 +0000 @@ -47,6 +85,8 @@ Closes GL#12, GL#13, GL#14, GL#15, GL#16 See merge request irssi/irssi!23 + + (cherry picked from commit 0557a2cb7c03483012b1557ccb0b23fe0becc264) commit 527c19803b56cc0ec84050ca63d992fbecadac1e Author: Ailin Nemui <ailin@z30a.localdomain> diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/irssi-1.0.5/NEWS new/irssi-1.0.6/NEWS --- old/irssi-1.0.5/NEWS 2017-10-20 17:16:43.000000000 +0200 +++ new/irssi-1.0.6/NEWS 2018-01-05 00:07:25.000000000 +0100 @@ -1,3 +1,15 @@ +v1.0.6 2018-01-07 The Irssi team <st...@irssi.org> + - Fix invalid memory access when reading hilight configuration + (#787, #788). + - Fix null pointer dereference when the channel topic is set + without specifying a sender (GL#20, GL!25). + - Fix return of random memory when using incomplete escape + codes (GL#21, GL!26). + - Fix heap buffer overflow when completing certain strings + (GL#19, GL!27). + - Fix return of random memory when using an incomplete + variable argument (GL#18, GL!28). + v1.0.5 2017-10-23 The Irssi team <st...@irssi.org> - Fix missing -sasl_method '' in /NETWORK (#718, #719). - Fix incorrect restoration of term state when hitting SUSP diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/irssi-1.0.5/configure new/irssi-1.0.6/configure --- old/irssi-1.0.5/configure 2017-10-20 17:16:55.000000000 +0200 +++ new/irssi-1.0.6/configure 2018-01-05 00:07:50.000000000 +0100 @@ -1,6 +1,6 @@ #! /bin/sh # Guess values for system-dependent variables and create Makefiles. -# Generated by GNU Autoconf 2.69 for irssi 1.0.5. +# Generated by GNU Autoconf 2.69 for irssi 1.0.6. # # # Copyright (C) 1992-1996, 1998-2012 Free Software Foundation, Inc. @@ -587,8 +587,8 @@ # Identity of this package. PACKAGE_NAME='irssi' PACKAGE_TARNAME='irssi' -PACKAGE_VERSION='1.0.5' -PACKAGE_STRING='irssi 1.0.5' +PACKAGE_VERSION='1.0.6' +PACKAGE_STRING='irssi 1.0.6' PACKAGE_BUGREPORT='' PACKAGE_URL='' @@ -1371,7 +1371,7 @@ # Omit some internal or obsolete options to make the list less imposing. # This message is too long to be a string in the A/UX 3.1 sh. cat <<_ACEOF -\`configure' configures irssi 1.0.5 to adapt to many kinds of systems. +\`configure' configures irssi 1.0.6 to adapt to many kinds of systems. Usage: $0 [OPTION]... [VAR=VALUE]... @@ -1441,7 +1441,7 @@ if test -n "$ac_init_help"; then case $ac_init_help in - short | recursive ) echo "Configuration of irssi 1.0.5:";; + short | recursive ) echo "Configuration of irssi 1.0.6:";; esac cat <<\_ACEOF @@ -1579,7 +1579,7 @@ test -n "$ac_init_help" && exit $ac_status if $ac_init_version; then cat <<\_ACEOF -irssi configure 1.0.5 +irssi configure 1.0.6 generated by GNU Autoconf 2.69 Copyright (C) 2012 Free Software Foundation, Inc. @@ -2181,7 +2181,7 @@ This file contains any messages produced by compilers while running configure, to aid debugging if configure makes a mistake. -It was created by irssi $as_me 1.0.5, which was +It was created by irssi $as_me 1.0.6, which was generated by GNU Autoconf 2.69. Invocation command line was $ $0 $@ @@ -3050,7 +3050,7 @@ # Define the identity of the package. PACKAGE='irssi' - VERSION='1.0.5' + VERSION='1.0.6' # Some tools Automake needs. @@ -14614,7 +14614,7 @@ # report actual input values of CONFIG_FILES etc. instead of their # values after options handling. ac_log=" -This file was extended by irssi $as_me 1.0.5, which was +This file was extended by irssi $as_me 1.0.6, which was generated by GNU Autoconf 2.69. Invocation command line was CONFIG_FILES = $CONFIG_FILES @@ -14680,7 +14680,7 @@ cat >>$CONFIG_STATUS <<_ACEOF || ac_write_fail=1 ac_cs_config="`$as_echo "$ac_configure_args" | sed 's/^ //; s/[\\""\`\$]/\\\\&/g'`" ac_cs_version="\\ -irssi config.status 1.0.5 +irssi config.status 1.0.6 configured by $0, generated by GNU Autoconf 2.69, with options \\"\$ac_cs_config\\" diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/irssi-1.0.5/configure.ac new/irssi-1.0.6/configure.ac --- old/irssi-1.0.5/configure.ac 2017-10-20 17:16:43.000000000 +0200 +++ new/irssi-1.0.6/configure.ac 2018-01-05 00:07:25.000000000 +0100 @@ -1,4 +1,4 @@ -AC_INIT(irssi, 1.0.5) +AC_INIT(irssi, 1.0.6) AC_CONFIG_SRCDIR([src]) AC_CONFIG_AUX_DIR(build-aux) AC_PREREQ(2.50) diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/irssi-1.0.5/irssi-config.h new/irssi-1.0.6/irssi-config.h --- old/irssi-1.0.5/irssi-config.h 2017-10-20 17:16:59.000000000 +0200 +++ new/irssi-1.0.6/irssi-config.h 2018-01-05 00:07:55.000000000 +0100 @@ -71,7 +71,7 @@ #define PACKAGE_NAME "irssi" /* Define to the full name and version of this package. */ -#define PACKAGE_STRING "irssi 1.0.5" +#define PACKAGE_STRING "irssi 1.0.6" /* Define to the one symbol short name of this package. */ #define PACKAGE_TARNAME "irssi" @@ -80,7 +80,7 @@ #define PACKAGE_URL "" /* Define to the version of this package. */ -#define PACKAGE_VERSION "1.0.5" +#define PACKAGE_VERSION "1.0.6" /* printf()-format for uoff_t, eg. "u" or "lu" or "llu" */ #define PRIuUOFF_T "lu" diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/irssi-1.0.5/irssi-version.h new/irssi-1.0.6/irssi-version.h --- old/irssi-1.0.5/irssi-version.h 2017-10-20 17:17:05.000000000 +0200 +++ new/irssi-1.0.6/irssi-version.h 2018-01-05 00:07:59.000000000 +0100 @@ -1,2 +1,2 @@ -#define IRSSI_VERSION_DATE 20171020 -#define IRSSI_VERSION_TIME 1715 +#define IRSSI_VERSION_DATE 20180105 +#define IRSSI_VERSION_TIME 4 diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/irssi-1.0.5/src/core/misc.c new/irssi-1.0.6/src/core/misc.c --- old/irssi-1.0.5/src/core/misc.c 2017-10-20 17:16:43.000000000 +0200 +++ new/irssi-1.0.6/src/core/misc.c 2018-01-05 00:07:25.000000000 +0100 @@ -707,8 +707,11 @@ *data += 2; return strtol(digit, NULL, 16); case 'c': - /* control character (\cA = ^A) */ - (*data)++; + /* check for end of string */ + if ((*data)[1] == '\0') + return 0; + /* control character (\cA = ^A) */ + (*data)++; return i_toupper(**data) - 64; case '0': case '1': case '2': case '3': case '4': case '5': case '6': case '7': diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/irssi-1.0.5/src/core/special-vars.c new/irssi-1.0.6/src/core/special-vars.c --- old/irssi-1.0.5/src/core/special-vars.c 2017-10-20 17:16:34.000000000 +0200 +++ new/irssi-1.0.6/src/core/special-vars.c 2018-01-05 00:06:47.000000000 +0100 @@ -384,6 +384,7 @@ } nest_free = FALSE; nest_value = NULL; +#if 0 /* this code is disabled due to security issues until it is fixed */ if (**cmd == '(' && (*cmd)[1] != '\0') { /* subvariable */ int toplevel = nested_orig_cmd == NULL; @@ -412,6 +413,9 @@ if (toplevel) nested_orig_cmd = NULL; } +#else + if (nested_orig_cmd) nested_orig_cmd = NULL; +#endif if (**cmd != '{') brackets = FALSE; diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/irssi-1.0.5/src/fe-common/core/completion.c new/irssi-1.0.6/src/fe-common/core/completion.c --- old/irssi-1.0.5/src/fe-common/core/completion.c 2017-10-20 17:16:43.000000000 +0200 +++ new/irssi-1.0.6/src/fe-common/core/completion.c 2018-01-05 00:07:25.000000000 +0100 @@ -186,12 +186,18 @@ char *old; old = linestart; - linestart = *linestart == '\0' ? - g_strdup(word) : - g_strdup_printf("%s%c%s", - /* do not accidentally duplicate the word separator */ - line == wordstart - 1 ? "" : linestart, - old_wordstart[-1], word); + /* we want to move word into linestart */ + if (*linestart == '\0') { + linestart = g_strdup(word); + } else { + GString *str = g_string_new(linestart); + if (old_wordstart[-1] != str->str[str->len - 1]) { + /* do not accidentally duplicate the word separator */ + g_string_append_c(str, old_wordstart[-1]); + } + g_string_append(str, word); + linestart = g_string_free(str, FALSE); + } g_free(old); g_free(word); diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/irssi-1.0.5/src/fe-common/core/hilight-text.c new/irssi-1.0.6/src/fe-common/core/hilight-text.c --- old/irssi-1.0.5/src/fe-common/core/hilight-text.c 2017-10-20 17:16:43.000000000 +0200 +++ new/irssi-1.0.6/src/fe-common/core/hilight-text.c 2018-01-05 00:07:25.000000000 +0100 @@ -109,6 +109,7 @@ if (rec->channels != NULL) g_strfreev(rec->channels); g_free_not_null(rec->color); g_free_not_null(rec->act_color); + g_free_not_null(rec->servertag); g_free(rec->text); g_free(rec); } @@ -456,7 +457,7 @@ CONFIG_NODE *node; HILIGHT_REC *rec; GSList *tmp; - char *text, *color; + char *text, *color, *servertag; hilights_destroy_all(); @@ -499,7 +500,9 @@ rec->nickmask = config_node_get_bool(node, "mask", FALSE); rec->fullword = config_node_get_bool(node, "fullword", FALSE); rec->regexp = config_node_get_bool(node, "regexp", FALSE); - rec->servertag = config_node_get_str(node, "servertag", NULL); + servertag = config_node_get_str(node, "servertag", NULL); + rec->servertag = servertag == NULL || *servertag == '\0' ? NULL : + g_strdup(servertag); hilight_init_rec(rec); node = iconfig_node_section(node, "channels", -1); diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/irssi-1.0.5/src/irc/core/channel-events.c new/irssi-1.0.6/src/irc/core/channel-events.c --- old/irssi-1.0.5/src/irc/core/channel-events.c 2017-10-20 17:16:34.000000000 +0200 +++ new/irssi-1.0.6/src/irc/core/channel-events.c 2018-01-05 00:06:47.000000000 +0100 @@ -138,7 +138,13 @@ g_free_not_null(chanrec->topic_by); chanrec->topic_by = g_strdup(setby); - chanrec->topic_time = settime; + if (chanrec->topic_by == NULL) { + /* ensure invariant topic_time > 0 <=> topic_by != NULL. + this could be triggered by a topic command without sender */ + chanrec->topic_time = 0; + } else { + chanrec->topic_time = settime; + } signal_emit("channel topic changed", 1, chanrec); }