A denial of service flaw was found in the WeeChat IRC client. A remote attacker could use this flaw to cause the WeeChat client crash, via special characters sent in a IRC message. References: http://weechat.flashtux.org/download.php https://savannah.nongnu.org/bugs/index.php?25862 Solution: Please upgrade to latest upstream release 0.2.6.1.
Common Vulnerabilities and Exposures assigned an identifier CVE-2009-0661 to the following vulnerability: Wee Enhanced Environment for Chat (WeeChat) 0.2.6 allows remote attackers to cause a denial of service (crash) via a crafted IRC message that contains unspecified "special chars." References: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0661 http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=519940 http://savannah.nongnu.org/bugs/index.php?25862 http://weechat.flashtux.org/ http://www.securityfocus.com/bid/34148 http://secunia.com/advisories/34304
I am about to push the update
weechat-0.2.6.1-1.fc9 has been submitted as an update for Fedora 9. http://admin.fedoraproject.org/updates/weechat-0.2.6.1-1.fc9
weechat-0.2.6.1-1.fc10 has been submitted as an update for Fedora 10. http://admin.fedoraproject.org/updates/weechat-0.2.6.1-1.fc10
weechat-0.2.6.1-1.fc9 has been pushed to the Fedora 9 stable repository. If problems still persist, please make note of it in this bug report.
weechat-0.2.6.1-1.fc10 has been pushed to the Fedora 10 stable repository. If problems still persist, please make note of it in this bug report.