MGASA-2017-0369

See a problem?
Please try reporting it to the source first.

Source

https://advisories.mageia.org/MGASA-2017-0369.html

Import Source

https://advisories.mageia.org/MGASA-2017-0369.json

JSON Data

https://api.test.osv.dev/v1/vulns/MGASA-2017-0369

Related

CVE-2017-14727

Published

2017-10-13T19:33:56Z

Modified

2017-10-13T19:10:04Z

Summary

Updated weechat packages fix security vulnerability

Details

It was discovered that logger.c in the logger plugin in WeeChat before 1.9.1 allows a crash via strftime date/time specifiers, because a buffer is not initialized (CVE-2017-14727).

References

Credits

- Mageia - COORDINATOR
- - https://wiki.mageia.org/en/Packages_Security_Team

Affected packages

Mageia:6 / weechat

Package

Name: weechat
Purl: pkg:rpm/mageia/weechat?distro=mageia-6

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

1.7.1-1.1.mga6

Ecosystem specific

{
    "section": "core"
}

Mageia:5 / weechat

Package

Name: weechat
Purl: pkg:rpm/mageia/weechat?distro=mageia-5

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

0.4.1-7.2.mga5

Ecosystem specific

{
    "section": "core"
}