Common Vulnerabilities and Exposures assigned an identifier CVE-2009-1959 to the following vulnerability: Off-by-one error in the event_wallops function in fe-common/irc/fe-events.c in irssi 0.8.13 allows remote IRC servers to cause a denial of service (crash) via an empty command, which triggers a one-byte buffer under-read and a one-byte buffer underflow. References: http://bugs.irssi.org/index.php?do=details&task_id=662 http://xorl.wordpress.com/2009/05/28/irssi-event_wallops-off-by-one-readwrite/ http://www.irssi.org/ChangeLog http://www.openwall.com/lists/oss-security/2009/05/29/3
Upstream SVN commit: http://svn.irssi.org/cgi-bin/viewvc.cgi?view=rev&root=irssi&revision=5068
irssi-0.8.13-3.fc10 has been submitted as an update for Fedora 10. http://admin.fedoraproject.org/updates/irssi-0.8.13-3.fc10
irssi-0.8.13-3.fc11 has been submitted as an update for Fedora 11. http://admin.fedoraproject.org/updates/irssi-0.8.13-3.fc11
irssi-0.8.13-3.fc11 has been pushed to the Fedora 11 stable repository. If problems still persist, please make note of it in this bug report.
irssi-0.8.13-3.fc10 has been pushed to the Fedora 10 stable repository. If problems still persist, please make note of it in this bug report.