WeeChat DevCenter

Tag - security

Entries feed

Thursday, February 20 2020

Version 2.7.1

Version 2.7.1 is available, it fixes three security problems:

  • a malformed IRC message 324 (channel mode) can cause a buffer overflow and possibly a crash (CVE-2020-8955)
  • a new IRC message 005 received with longer nick prefixes can cause a buffer overflow and possibly a crash
  • a malformed IRC message 352 (WHO) can cause a crash.

Upgrade is recommended for all users.

Saturday, September 23 2017

Version 1.9.1

Version 1.9.1 is available, it fixes a security problem: a crash can happen in logger plugin when converting date/time specifiers in file mask. Two other bugs are fixed as well in buflist and relay plugins.

Upgrade is recommended for all users.

Sunday, November 18 2012

Version 0.3.9.2

Version 0.3.9.2 is available, it fixes a security problem: untrusted command for function hook_process could lead to execution of commands, because of shell expansions.

Upgrade is highly recommended for all users.

Friday, November 9 2012

Version 0.3.9.1

Version 0.3.9.1 is available, it fixes a security problem (buffer overflow when decoding IRC colors in strings).

Upgrade is recommended for all users.

Sunday, January 31 2010

Version 0.3.1.1

Version 0.3.1.1 is available!

This version fixes crashes with SSL connection and purge of old DCC chats. It is recommended to upgrade from 0.3.1 to 0.3.1.1 for all users.