rtime.felk.cvut.cz Git - coffee/buildroot.git/commit

author	Peter Korsgaard <peter@korsgaard.com>
	Tue, 14 Mar 2017 15:00:39 +0000 (16:00 +0100)
committer	Peter Korsgaard <peter@korsgaard.com>
	Mon, 26 Jun 2017 07:48:13 +0000 (09:48 +0200)
commit	5702de427f2e42bd06961e5c399d2ddbf979efcb
tree	098d6e51fc504823b7be81967885ec352ddae4ad	tree \| snapshot
parent	b2a355e8bebecd8240fcc764c2fc7347ad48f2f0	commit \| diff

irssi: bump version to version 1.0.2

Notice that this fixes a security issue:

CWE-416 (use after free condition during netjoin processing). No CVE
assigned yet:

https://irssi.org/security/irssi_sa_2017_03.txt

But the 0.8.x series is not believed to be vulnerable to this specific
issue. From the advisory:

Affected versions
-----------------

Irssi up to and including 1.0.1

We believe Irssi 0.8.21 and prior are not affected since a different
code path causes the netjoins to be flushed prior to reaching the use
after free condition.

Openssl is no longer optional, so select it and drop the enable/disable
handling.

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit d1e2d290d9fd4cc8b12bcae72725ebad1cac8edc)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

package/irssi/Config.in		diff \| blob \| history
package/irssi/irssi.hash		diff \| blob \| history
package/irssi/irssi.mk		diff \| blob \| history