{"affected":[{"ecosystem_specific":{"binaries":[{"irssi":"1.0.4-28.1","irssi-devel":"1.0.4-28.1"}]},"package":{"ecosystem":"SUSE:Package Hub 12","name":"irssi","purl":"pkg:rpm/suse/irssi&distro=SUSE%20Package%20Hub%2012"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"1.0.4-28.1"}],"type":"ECOSYSTEM"}]}],"aliases":[],"details":"This update for irssi to version fixes the following issues:\n\n- CVE-2017-10965: A malicious server could cause irssi to crash by providing an invalid timestamp\n- CVE-2017-10966: Undefined behavior may be triggered when irssi updates the internal nick list\n\nA number of minor upstream bug fixes are also included.\n","id":"openSUSE-SU-2017:1823-1","modified":"2017-07-07T23:03:39Z","published":"2017-07-07T23:03:39Z","references":[{"type":"ADVISORY","url":null},{"type":"REPORT","url":"https://bugzilla.suse.com/1047709"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2017-10965"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2017-10966"}],"related":["CVE-2017-10965","CVE-2017-10966"],"summary":"Security update for irssi","upstream":["CVE-2017-10965","CVE-2017-10966"]}