On Sun, Sep 24 2017, Daniel Jakots <danj+o...@chown.me> wrote: > Hi, > > Weechat 1.9.1 was released to fix CVE-2017-14727: > Date/time conversion specifiers are expanded after replacing buffer > local variables in name of log files. In some cases, this can lead to > an error in function strftime and a crash caused by the use of an > uninitialized buffer. > > Patch: > https://github.com/weechat/weechat/commit/f105c6f0b56fb5687b2d2aedf37cb1d1b434d556 > > Patches for -current and -stable attached. > > Comments? OK?
ok jca@ > Cheers, > Daniel > > > -- jca | PGP : 0x1524E7EE / 5135 92C1 AD36 5293 2BDF DDCC 0DFA 74AE 1524 E7EE
