Irssi could be made to crash if it received specially crafted network traffic.
Gabriel Campana and Adrien Guinet discovered that the format parsing code in Irssi did not properly verify 24bit color codes. A remote attacker could use this to cause a denial of service (application crash). (CVE-2016-7044)
21 September 2016
A security issue affects these releases of Ubuntu and its derivatives:
Irssi could be made to crash if it received specially crafted network traffic.
Gabriel Campana and Adrien Guinet discovered that the format parsing code in Irssi did not properly verify 24bit color codes. A remote attacker could use this to cause a denial of service (application crash). (CVE-2016-7044)
Gabriel Campana and Adrien Guinet discovered that a buffer overflow existed in the format parsing code in Irssi. A remote attacker could use this to cause a denial of service (application crash). (CVE-2016-7045)
The problem can be corrected by updating your system to the following package versions:
To update your system, please follow these instructions: https://wiki.ubuntu.com/Security/Upgrades.
After a standard system update you need to restart Irssi to make all the necessary changes.