[Weechat-security] Security vulnerability fixed in WeeChat 0.4.1

weechat-security

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Weechat-security] Security vulnerability fixed in WeeChat 0.4.1

From:	FlashCode
Subject:	[Weechat-security] Security vulnerability fixed in WeeChat 0.4.1
Date:	Tue, 21 May 2013 21:34:09 +0200
User-agent:	Mutt/1.5.21 (2010-09-15)

Hi all,

An uncontrolled format string has been fixed in WeeChat 0.4.1, which was
released yesterday.

It could happen in the following situations:

- when the relay receives the output of a redirected command (when using irc
  protocol in relay plugin)
  (it affects WeeChat 0.3.8 to 0.4.0)

- when sending the "ISON" command to irc server, for nicks monitored by command
  /notify
  (it affects WeeChat 0.3.6 to 0.4.0)

- when sending an unknown command to irc server (if option
  "irc.network.send_unknown_commands" is enabled)
  (it affects WeeChat 0.3.0 to 0.4.0)

For more info and workarounds, visit the WeeChat security page:
http://weechat.org/download/security/

-- 
Cordialement / Best regards
Sébastien.

web: flashtux.org / weechat.org      mail: address@hidden
irc: FlashCode @ irc.freenode.net    xmpp: address@hidden

signature.asc
Description: Digital signature

[Prev in Thread]

Current Thread

[Next in Thread]

[Weechat-security] Security vulnerability fixed in WeeChat 0.4.1, FlashCode <=

Index(es):
- Date
- Thread