FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

weechat -- Crash or freeze when decoding IRC colors in strings

Affected packages
0.3.6 <= weechat < 0.3.9.1
20110614 <= weechat-devel < 20121110

Details

VuXML ID e02c572f-2af0-11e2-bb44-003067b2972c
Discovery 2012-11-09
Entry 2012-11-10
Modified 2012-11-13

Sebastien Helleu reports:

A buffer overflow is causing a crash or freeze of WeeChat when decoding IRC colors in strings.

Workaround for a non-patched version: /set irc.network.colors_receive off

[source]

References

CVE Name CVE-2012-5854
FreeBSD PR ports/173513
URL http://weechat.org/security/
URL https://savannah.nongnu.org/bugs/?37704

Copyright © 2003-2005 Jacques Vidrine and contributors.
Please see the source of this document for full copyright information.