IRSSI-SA-2019-06 Irssi Security Advisory [1] ============================================ CVE-2019-13045 Description ----------- (a) Use after free when sending SASL login to the server found by ilbelkyr. (CWE-416, CWE-825) CVE-2019-13045 [2] was assigned to this issue. Impact ------ May affect the stability of Irssi. SASL logins may fail, especially during (manual and automated) reconnect. Affected versions ----------------- (a) Irssi 0.8.18 and later Fixed in -------- Irssi 1.0.8, 1.1.3, 1.2.1 Recommended action ------------------ Upgrade to the latest Irssi. We've published maintenance releases, without any new features. After installing the updated packages, one can issue the /upgrade command to load the new binary. TLS connections will require /reconnect. Mitigating facts ---------------- Users who have not configured SASL, are not affected by this issue. References ---------- [1] https://irssi.org/security/irssi_sa_2019_06.txt [2] https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13045