=========================================================== Ubuntu Security Notice USN-259-1 March 01, 2006 irssi-text vulnerability CVE-2006-0458 =========================================================== A security issue affects the following Ubuntu releases: Ubuntu 5.10 (Breezy Badger) The following packages are affected: irssi-text The problem can be corrected by upgrading the affected package to version 0.8.9+0.8.10rc5-0ubuntu4.1. After a standard system upgrade you need to restart irssi to effect the necessary changes. Details follow: A Denial of Service vulnerability was discoverd in irssi. The DCC ACCEPT command handler did not sufficiently verify the remotely specified arguments. A remote attacker could exploit this to crash irssi by sending a specially crafted DCC commands. Source archives: http://security.ubuntu.com/ubuntu/pool/main/i/irssi-text/irssi-text_0.8.9+0.8.10rc5-0ubuntu4.1.diff.gz Size/MD5: 12568 50ec4fee5eaf55ba7a312373bbaca462 http://security.ubuntu.com/ubuntu/pool/main/i/irssi-text/irssi-text_0.8.9+0.8.10rc5-0ubuntu4.1.dsc Size/MD5: 739 23ccac99b2a8f82d47cb1cc5f9a51ac8 http://security.ubuntu.com/ubuntu/pool/main/i/irssi-text/irssi-text_0.8.9+0.8.10rc5.orig.tar.gz Size/MD5: 1192158 7c0b6c1533c85e918f41ded1238e4ca1 amd64 architecture (Athlon64, Opteron, EM64T Xeon) http://security.ubuntu.com/ubuntu/pool/main/i/irssi-text/irssi-text_0.8.9+0.8.10rc5-0ubuntu4.1_amd64.deb Size/MD5: 955832 134ebeda2593d742a808a79b78a9f488 i386 architecture (x86 compatible Intel/AMD) http://security.ubuntu.com/ubuntu/pool/main/i/irssi-text/irssi-text_0.8.9+0.8.10rc5-0ubuntu4.1_i386.deb Size/MD5: 851690 854b0e9e9ff3a73160a71d1b5445d850 powerpc architecture (Apple Macintosh G3/G4/G5) http://security.ubuntu.com/ubuntu/pool/main/i/irssi-text/irssi-text_0.8.9+0.8.10rc5-0ubuntu4.1_powerpc.deb Size/MD5: 937644 73f7b5547d9905e95006889dbc92082b
Attachment:
signature.asc
Description: Digital signature