Security
Security
A processing error in WeeChat might lead to a Denial of Service.
| Package | net-irc/weechat on all architectures |
|---|---|
| Affected versions | < 0.2.6.1 |
| Unaffected versions | >= 0.2.6.1 |
Wee Enhanced Environment for Chat (WeeChat) is a light and extensible console IRC client.
Sebastien Helleu reported an array out-of-bounds error in the colored message handling.
A remote attacker could send a specially crafted PRIVMSG command, possibly leading to a Denial of Service (application crash).
There is no known workaround at this time.
All WeeChat users should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot --verbose ">=net-irc/weechat-0.2.6.1"
Release date
April 04, 2009
Latest revision
April 04, 2009: 01
Severity
normal
Exploitable
remote
Bugzilla entries