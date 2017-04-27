-----BEGIN PGP SIGNED MESSAGE-----

Debian Security Advisory DSA-3836-1

https://www.debian.org/security/ Salvatore Bonaccorso

April 27, 2017

Package : weechat

CVE ID : CVE-2017-8073

Debian Bug : 861121



It was discovered that weechat, a fast and light chat client, is prone

to a buffer overflow vulnerability in the IRC plugin, allowing a remote

attacker to cause a denial-of-service by sending a specially crafted

filename via DCC.



For the stable distribution (jessie), this problem has been fixed in

version 1.0.1-1+deb8u1.



For the unstable distribution (sid), this problem has been fixed in

version 1.7-3.



We recommend that you upgrade your weechat packages.



