This bug was fixed in the package weechat - 1.5-1ubuntu0.1 --------------- weechat (1.5-1ubuntu0.1) yakkety-security; urgency=medium
* SECURITY UPDATE: remote buffer overflow crash by sending a filename via DCC to the IRC plugin (LP: #1686478) - debian/patches/03_fix_CVE-2017-8073.patch: Fix quote removal in irc_ctcp_dcc_filename_without_quotes function in src/plugins/irc/irc-ctcp.c. Patch from 1.7.1 via Debian. - CVE-2017-8073 -- Jeremy Bicha <jbi...@ubuntu.com> Wed, 26 Apr 2017 14:10:49 -0400 ** Changed in: weechat (Ubuntu) Status: Confirmed => Fix Released -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1686478 Title: CVE-2017-8073 weechat remote crash To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/weechat/+bug/1686478/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs