openSUSE Security Update: Security update for irssi ______________________________________________________________________________ Announcement ID: openSUSE-SU-2021:0587-1 Rating: moderate References: #1184848 Affected Products: openSUSE Leap 15.2 ______________________________________________________________________________ An update that contains security fixes can now be installed. Description: This update for irssi fixes the following issues: irssi was updated to 1.2.3 (boo#1184848) - Fix the compilation of utf8proc (#1021) - Fix wrong call to free. By Zero King (#1076) - Fix a colour reset in true colour themes when encountering mIRC colours (#1059) - Fix memory leak on malformed CAP requests (#1120) - Fix an erroneous free of SASL data. Credit to Oss-Fuzz (#1128, #1130) - Re-set the TLS flag when reconnecting (#1027, #1134) - Fix the scrollback getting stuck after /clear (#1115, #1136) - Fix the input of Ctrl+C as the first character (#1153, #1154) - Fix crash on quit during unloading of modules on certain platforms (#1167) - Fix Irssi freezing input after Ctrl+Space on GLib >2.62 (#1180, #1183) - Fix layout of IDCHANs. By Lauri Tirkkonen (#1197) - Fix crash when server got reconnected before it was properly connected (#1210, #1211) - Fix multiple identical active caps (#1249) - Minor help corrections (#1156, #1213, #1214, #1255) - Remove erroneous colour in the colorless theme. Reported and fixed by Nutchanon Wetchasit (#1220, #1221) - Fix invalid bounds calculation when editing the text entry. Found and fixed by Sergey Valentey (#1269) - Fix passing of negative size in buffer writes. Found and fixed by Sergey Valentey (#1270) - Fix Irssi freezing on slow hardware and fast DCC transfers (#159, #1271) - Fix compilation on Solaris (#1291) - Fix null pointer dereference when receiving broken JOIN record. Credit to Oss-Fuzz (#1292) - Fix crash on /connect to some sockets (#1239, #1298) - Fix Irssi rendering on Apple ARM. By Misty De M��o (#1267, #1268, #1290) - Fix crash on /lastlog with broken lines (#1281, #1299) - Fix memory leak when receiving bogus SASL authentication data. Found and fixed by Sergey Valentey (#1293) Patch Instructions: To install this openSUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: - openSUSE Leap 15.2: zypper in -t patch openSUSE-2021-587=1 Package List: - openSUSE Leap 15.2 (x86_64): irssi-1.2.3-lp152.3.3.1 irssi-debuginfo-1.2.3-lp152.3.3.1 irssi-debugsource-1.2.3-lp152.3.3.1 irssi-devel-1.2.3-lp152.3.3.1 References: https://bugzilla.suse.com/1184848