IRSSI-SA-2023-03 Irssi Security Advisory [1] ============================================ CVE-2023-29132 Description ----------- (a) Use after free while using a stale special collector reference found by ednash. (CWE-416) CVE-2023-29132 [2] was assigned to this issue. Impact ------ May affect the stability of Irssi. Affected versions ----------------- (a) Irssi 1.3.0 and later Fixed in -------- Irssi 1.4.4 Recommended action ------------------ Upgrade to Irssi 1.4.4. After installing the updated packages, one can issue the /upgrade command to load the new binary. Mitigating facts ---------------- The precondition for this issue is printing a non-formatted line during the printing of a formatted line. This is unlikely to happen without scripts, and is obscured by the slice allocator when using GLib before version 2.75. References ---------- [1] https://irssi.org/security/irssi_sa_2023_03.txt [2] https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29132