SEARCH
NEW RPMS
DIRECTORIES
ABOUT
FAQ
VARIOUS
BLOG

 
 
Changelog for irssi-1.1.3-lp150.33.1.x86_64.rpm :

* Sat Jun 29 2019 Ailin Nemui - update to 1.1.3 ! Contains all changes from 1.0.8 - Fix regression of #779 where autolog_ignore_targets would not matching itemless windows anymore (#1012, #1013) - Fix a use after free issue when sending the SASL login on (automatic and manual) reconnects (#1055, #1058). Reported by ilbelkyr. CVE-2019-13045 bsc#1139802
* Wed Jan 09 2019 Ailin Nemui - update to 1.1.2 - Fix the resetting of window hiddenlevel (#861) - Fix clearing of hidelevel in layout (#951) - Fix accessing unallocated text when checking entry position (#930) - Fix uninitialised memory on empty lines (#873, GL#31, #878, [#877], #907, #914) - Fix use-after-free on expiration of hidden lines (#948) (CVE-2019-5882 boo#1121396) - Fix use-after-frees. By Maya Rashish (#919) - Fix out of bounds access in help display when window width is small (#949) - Fix paste_join_multiline (#971) - Correctly check for errno when displaying SSL errors. By Janik Rabe (#895) - Fix wrong signal emission argument count (#965) - Documentation (#920). Sync NEWS, scripts (#849) - Fix Perl detection on MacOS. By Dominyk Tiller (#927) - Misc fixes. By Jaroslav Škarvada (#982)
* Thu Feb 15 2018 ailin.nemuiAATTgmail.com- update to 1.1.1 (bsc#1081238): - Restore compatibility with OpenSSL < 1.0.2 (#820, #831) - Fix test compilation on some platforms (#815, #816) - Fix portability and backwards compatibility of test runner (#818, #845) - Prevent use after free error during the execution of some commands. Found by Joseph Bisch (GL#17, GL!24). - Revert netsplit print optimisation due to crashes (#465, #809, [#812], #819, #824). CVE-2018-7054 - Fix use after free when SASL messages are received in unexpected order (GL#26, GL!33). CVE-2018-7053 - Fix null pointer dereference in the tab completion when an empty nick is joined (GL#24, GL!31). CVE-2018-7050 - Fix use after free when entering oper password (GL#22, GL!32). - Fix null pointer dereference when too many windows are opened (GL#27, #837). CVE-2018-7052 - Fix out of bounds access in theme strings when the last escape is incomplete. Credit to Oss-Fuzz (#842). CVE-2018-7051 - Fix out of bounds write when using negative counts on window resize (GL#25, GL#29, #836). - Minor help correction. By William Jackson (#834).
* Tue Jan 16 2018 avindraAATTopensuse.org- update to 1.1.0
* Changes + Colour is now re-set when reaching a comma, matching mIRC behaviour + Irssi now shows the initial nick and name on first start + lynx is no longer required to run autogen.sh + The command history no longer permits wrapping around + /foreach now correctly sends arguments as commands, stopping you from embarassing AMSGs + /server does not connect to servers anymore, use /server connect to change servers + The net_ip_compare API function is now deprecated, and the previously deprecated net_connect has been removed
* Additions + Add an option to ignore all channels or ignore all queries using /set activity_hide_targets + Add a startup warning if the TERM var is wrong inside tmux / screen + Add option to hide certain levels from the textbuffer using / window hidelevel + Irssi now has its first unit test (for mode parsing) + Added access to global command history when using window history, and a binding to erase entries from the command history (erase_history_entry) + -alternate_nick is now available as a network specific property + On FreeBSD, Irssi now supports Capsicum sandbox (/capsicum enter) + Filenames (directories) ending with a / now tab-complete + UTF-8 should now work in regular expressions when using GRegex (the default) + Nicks are now properly escaped on completion + /server add -port now works + Add a setting key_timeout to make key sequences automatically re-set when not finished + Warn users about expired client certificates, as servers may refuse them + Add a new net_start_ssl function for StartTLS. This is available from ABI 8 and can be used by protocol modules + The %# code is now stored in the textbuffer, so for example web scripts can make use of it + Add new setting break_wide which can be used to enable breaking of wide characters (for east-asian users) + Add fuzzing code
* Fixes + Netsplits show properly again + Do not error on blank lines when using /exec -o + Detect used nickname as reported by server + Prevent use after free error during the execution of some commands + Fix MODE parameter parsing when colon was used at a place Irssi didn\'t expect + Fixed code to compile with -Werror=declaration-after-statement + Clang-format is now supported for git-clang-format + Fix use after free when changing the network of hilights + Fix positioning error when tab-completing non-ascii strings + In-development issues + Clarify Alis in /help list + Improve /lastlog performance from O(N^2) to O(N) + Fix a segfault on \"script destroyed\" signal + Fix early ISON error + Documentation improvements + Minor cleanups + Fix space issue in glib-2.0.m4- cleanup with spec-cleaner- drop regex-patch-653.patch
* fixed upstream in 79bbca4644cad7f2dee89c7ac6b8f9acc2c8b427
* Sat Jan 06 2018 ailin.nemuiAATTgmail.com- update to 1.0.6 (bsc#1074958) - Fix invalid memory access when reading hilight configuration (#787, #788). - Fix null pointer dereference when the channel topic is set without specifying a sender (GL#20, GL!25). CVE-2018-5206 - Fix return of random memory when using incomplete escape codes (GL#21, GL!26). CVE-2018-5205 - Fix heap buffer overflow when completing certain strings (GL#19, GL!27). CVE-2018-5208 - Fix return of random memory when using an incomplete variable argument (GL#18, GL!28). CVE-2018-5207
* Sun Oct 22 2017 ailin.nemuiAATTgmail.com- update to 1.0.5 (boo#1064540) - Fix missing -sasl_method \'\' in /NETWORK (#718, #719). - Fix incorrect restoration of term state when hitting SUSP inside screen (#737, #733). - Fix out of bounds read when compressing colour sequences. Found by Hanno Böck (GL#12, GL!18). CVE-2017-15228 - Fix use after free condition during a race condition when waiting on channel sync during a rejoin (GL#13, GL!19). CVE-2017-15227 - Fix null pointer dereference when parsing certain malformed CTCP DCC messages (GL#14, GL!20). CVE-2017-15721 - Fix crash due to null pointer dereference when failing to split messages due to overlong nick or target (GL#15, GL!21). CVE-2017-15723 - Fix out of bounds read when trying to skip a safe channel ID without verifying that the ID is long enough (GL#16, GL!22). CVE-2017-15722 - Fix return of random memory when inet_ntop failed (#769). - Minor statusbar help update. By Robert Bisewski (#758, [#763]).
* Thu Jul 06 2017 ailin.nemuiAATTgmail.com- update to 1.0.4 - Fix null pointer dereference when parsing invalid timestamp (GL#10, GL!15). Reported by Brian \'geeknik\' Carpenter. CVE-2017-10965 boo#1047709 - Fix use-after-free condition when removing nicks from the internal nicklist (GL#11, GL!16). Reported by Brian \'geeknik\' Carpenter. CVE-2017-10966 - Fix incorrect string comparison in DCC file names (#714). - Fix regression in Irssi 1.0.3 where it would claim \"Invalid time \'-1\'\" (#716, #722). - Fix a bug when using \
to separate lines with expand_escapes (#723). - Retain screen output on improper exit, to better see any error messages (#287, #721). - Minor help update (#729).
* Tue Jun 06 2017 ailin.nemuiAATTgmail.com- update to 1.0.3 - Fix out of bounds read when scanning expandos (GL!11). - Fix invalid memory access with quoted filenames in DCC (GL#8, GL!12). bsc#1043052 CVE-2017-9469 - Fix null-pointer dereference on DCC without address (GL#9, GL!13). bsc#1043051 CVE-2017-9468 - Improve integer overflow handling. Originally reported by oss-fuzz#525 (#706). - Improve nicklist performance from O(N^2) to O(N) (#705). - Fix initial screen redraw delay. By Stephen Oberholtzer (#680, bdo#856201). - Fix incorrect reset of true colours when resetting background. (#711). - Fix missing -notls option in /SERVER. By Jari Matilainen (#117, #702). - Fix minor history glitch on overcounter (#462, #685). - Improved OpenSSL detection at compile time. By Rodrigo Rebello (#677). - Improved NetBSD Terminfo detection. By Maya Rashish (#694, #698). - Add missing syntax info for COMPLETION (#687, #688). - Minor typo correction in help. By Michael Hansen (#707).
* Mon Mar 13 2017 astiegerAATTsuse.com- add references to previous change
* Sat Mar 11 2017 ailin.nemuiAATTgmail.com- irssi 1.0.2 fixes a vulnerability that could result in denial of service or worse during a netjoin in certain circumstances (CVE pending) bsc#1029020 - Prevent some null-pointer crashes (GL!9). - Fix compilation with OpenSSL 1.1.0 (#628, #597). - Correct dereferencing of already freed server objects during output of netjoins. Found by APic (GL!10, GL#7). - Fix in command arg parser to detect missing arguments in tail place (#652, #651). - Fix regression that broke incoming DCC file transfers (#667, #656). - Fix issue with escaping \\ in evaluated strings (#669, #520).- Added regex-patch-653.patch from Upstream PR#653 to improve UTF8 support in GRegex
* Mon Feb 06 2017 astiegerAATTsuse.com- irssi 1.0.1:
* Fix Perl compilation in object dir
* Fix incorrect HELP SERVER example
* Correct memory leak in /OP and /VOICE
* Fix regression that broke second level completion
* Correct missing NULL termination in perl_parse boo#1023638
* Sync broken mail.pl script
* Prevent a memory leak during the processing of the SASL response boo#1023637
* Fri Jan 06 2017 idonmezAATTsuse.com- Update to version 1.0.0
* irssiproxy can now forward all tags through a single port.
* The kill buffer now remembers consecutive kills. New bindings were added: yank_next_cutbuffer and append_next_kill.
* autolog_ignore_targets and activity_hide_targets learn a new syntax tag/
* and
* to ignore whole networks or everything.
* hilight got a -matchcase flag to hilight case sensitively.
* Display TLS connection information upon connect. You can disable this by setting tls_verbose_connect to FALSE
* Certificate pinning for TLS certificates
* /names and $[…] now uses utf8 string operations.
* New setting completion_nicks_match_case
* /channel /server /network now support modify subcommand.
* New option sasl_disconnect_on_failure to disconnect when SASL log-in failed.- Drop not applied irssi-0.8.15_ssl_proxy.patch- Run through spec-cleaner, remove support for old openSUSE/SUSE releases.
* Fri Jan 06 2017 astiegerAATTsuse.com- irssi 0.8.21 fixes four vulnerabilities that could result in denial of service (remote crash) when connecting to malicious servers or receiving specially crafted data [boo#1018357]:
* CVE-2017-5193: NULL pointer dereference in the nickcmp function
* CVE-2017-5194: out of bounds read in certain incomplete control codes
* CVE-2017-5195: out of bounds read in certain incomplete character sequences
* CVE-2017-5196: Correct an error when receiving invalid nick message
* CVE-2017-5356: out of bounds read in format string [boo#1019809]- drop irssi-0.8.20-buf.pl.patch, upstream
* Thu Oct 06 2016 meissnerAATTsuse.com- irssi-0.8.20-buf.pl.patch: Fixed a information disclosure in buf.pl (CVE-2016-7553 bsc#1001215)
* Wed Sep 21 2016 mrueckertAATTsuse.de- disable PIE on sle11
* Wed Sep 21 2016 mrueckertAATTsuse.de- add BR for xz to fix build on sle11- switch to %{?_smp_mflags}- pass --disable-silent-rules to get verbose makefiles again
* Wed Sep 21 2016 meissnerAATTsuse.com- Update to version 0.8.20 - Correct the name of an emitted sasl signal (#484) - Correct the prototype for the \'message private\' signal (#515) - Corrections in away and hilight help text (#477, #518) - /squery and /servlist commands have been restored. - Where Irssi would previously only report \"System error\" on connect, it will now try harder to retrieve the system error message. - Fixed issue with +channels not working properly (#533) - Fixed crash in optchan when item has no server (#485) - Fixed random remote crash in the nicklist handling (#529) - Fixed remote crash due to incorrect bounds checking on formats, reported by Gabriel Campana and Adrien Guinet from Quarkslab. (CVE-2016-7044, CVE-2016-7045, bsc#999199)
* Sat Mar 26 2016 idonmezAATTsuse.com- Update to version 0.8.19
* Fixed regression when joining and parting channels on IRCnet
* Fixed SASL EXTERNAL
* Fixed regression when not using SASL
* Fixed incorrect SSL disconnects when using SSL from modules/scripts
* Fixed regression where proxy_string could not be configured or certain file transfers could not be accepted
* Fixed storing layout of !channels
* Fixed restoration of bracketed paste mode on quit
* Make the usage of meta-O for cursor keys configurable with /set term_appkey_mode off
* Wed Mar 02 2016 idonmezAATTsuse.com- Update to version 0.8.18 New Features + CAP SASL PLAIN login is now supported natively. + Paste bracket markers can be requested from terminal with /set paste_use_bracketed_mode on + \"Self messages\" generated by some bouncers can now be received in the proper window. + Try to split long lines on spaces to avoid words being splitted. Adds a new option: split_line_on_space which defaults to on. + Add setting hilight_nick_matches_everywhere (#56). + The config parser is more robust and prints out better diagnostics on incorrect config files. + Ctrl+^ (FS#721) and Ctrl+J can now be bound. + Command history can be cleared with /window history -clear + /hilight -mask -line is now supported (FS#275). + CHANTYPES are now supported. + Improved reload speed of ignores. + Add -date feature to /lastlog + irssiproxy can be more easily enabled and disabled. + Expando for hostname (FS#829). + UNIX sockets can now also be specified in the config file. + Disable SSLv3 due to the POODLE vulnerability. + SSL ciphers can now be specified per server. + Added SNI support for SSL. Bugfixes + /ignore now respects -pattern on merge (#78). + irssiproxy (BNC) module now uses correct line endings. + Fix missing lines on large pastes (FS#905). + Correctly preserve STATUSMSG prefixes (#291). + Fix infinite recursion in key bindings (FS#817). + Fix incomplete awaylog caused by buffering. + Fix calculation of UTF-8 string length display in some cases. + Fix some Perl warnings related to AATTISA. + EXEC windowitems now get proper references on the Perl side. + Incremental help file improvements. + ANSI attributes are now properly reset. + Fixed regression where text would blink when terminal lacks color support. + Permit the usage of Freenode extban syntax in /ban (#150) + Fixed regression in scriptassist on unload of scripts. + Fixed regression in -actcolor %n- Remove irssi-0.8.15-ssl-passphrase.patch, fixed upstream.
* Sun Jan 10 2016 astiegerAATTsuse.com- downloads moved to github- verify source signature
* Thu Jan 01 2015 meissnerAATTsuse.com- build with PIE
* Fri Oct 17 2014 mrueckertAATTsuse.de- update to 0.8.17 + Document that SSL connections aren\'t properly handled during /UPGRADE. See Github PR #39. + Synchronize scripts with scripts.irssi.org. + Performance enhancement of the nicklist as well as the window_item_find function. See Github PR #24. + Disallow unloading of static modules. + Allow UTF-8 characters in /bind. See Github PR #18. + Split overlong outgoing messages instead of silently truncating them. Adds two new options: \'split_line_end\' and \'split_line_start\'. - \'split_line_end\' contains a string added to the end of line fragments. - \'split_line_start\' contains a string added to the beginning of line fragments. See Github PR #29. + Added special /ignore NO_ACT level to ignore only activity (see /help ignore). + Support for 256 and true color terminals (see Github PR #48). + Support for italics (see Github PR #58). + Rewrote many help files. - Fixed various compiler warnings and use of deprecated functions. - Fixed Perl API usage and added PERL_NO_GET_CONTEXT to reduce code size. - Fixed format_get_text Perl API. See Github PR #23. - Fixed gui_printtext_after and term_refresh_
*() visibility. See Github PR #22. - Fixed issue where UTF-8 characters was corrupted once for every 32k text. See Github PR #12. - Fixed redrawing issue with right-aligned statusbar. - Fixed use-after-free bug with cached settings values. See Github PR #147.
  
ICM