weechat - Arch Linux
Resolved
| Group | Affected | Fixed | Severity | Status | Ticket |
|---|---|---|---|---|---|
| AVG-412 | 1.9-2 | 1.9.1-1 | Medium | Fixed | |
| AVG-253 | 1.7-2 | 1.7.1-1 | High | Fixed |
| Issue | Group | Severity | Remote | Type | Description |
|---|---|---|---|---|---|
| CVE-2017-14727 | AVG-412 | Medium | Yes | Denial of service | It has been discovered that in logger.c in the logger plugin before weechat 1.9.1 the date/time conversion specifiers are expanded after replacing buffer... |
| CVE-2017-8073 | AVG-253 | High | Yes | Denial of service | WeeChat before 1.7.1 allows a remote crash by sending a filename via DCC to the IRC plugin. This occurs in the irc_ctcp_dcc_filename_without_quotes function... |
Advisories
| Date | Advisory | Group | Severity | Description |
|---|---|---|---|---|
| 25 Sep 2017 | ASA-201709-20 | AVG-412 | Medium | denial of service |
| 23 Apr 2017 | ASA-201704-7 | AVG-253 | High | denial of service |