IRSSI-SA-2019-01 Irssi Security Advisory [1] ============================================ CVE-2019-5882 Description ----------- (a) Use after free when hidden lines were expired from the scroll buffer. (CWE-416, CWE-825) CVE-2019-5882 [2] was assigned to this issue. Impact ------ May affect the stability of Irssi. Affected versions ----------------- (a) Irssi 1.1.0 and later Fixed in -------- Irssi 1.1.2 Recommended action ------------------ Upgrade to Irssi 1.1.2. Irssi 1.1.2 is a maintenance release in the 1.1 series, without any new features. After installing the updated packages, one can issue the /upgrade command to load the new binary. TLS connections will require /reconnect. Mitigating facts ---------------- (a) If lines are never hidden (no usage of /window hidelevel), this bug will not trigger. References ---------- [1] https://irssi.org/security/irssi_sa_2019_01.txt [2] https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5882