Weechat Security Issues

At the start of the week my Weechat CLI Irc client segfaulted for the first time in the last year of using it. I reconnected to rejoin #weechat on freenode. I pinged FlashCode (The main dev of Weechat) and asked him if he wanted my bug report he replied It is a known issue and he was busy patching Weechat 0.2.6 (The current version in ubuntu[Gutsy,hardy,Itrepid,Januty]) later that day he released 0.2.6.1.

Debian has released a security update patch for this package. I filed this as a bug on launchpad but no response as of yet.

Since then people have been joining channels just to try crash Weechat more and more and my weechat continued to segfault. I had two choices. 1) Download and compile the patch 2) Install the devel version. I chose to go with the devel version! 🙂

The new devel version is pretty much a stable release with minor features missing here and there but the application isn’t buggy at all. The new version is under active development by FlashCode. The new almost complete re-write of weechat boasts a much fuller API for scripts and plugins. Script such as weetris(Inline tetris game) would never have been possible on the older version. I have been using for the last few hours with no issues. The TUI is much smoother and easier to use .

Missing scripts 🙁
1) urlgrap.py Allows user to choose to open the last url in their browser i.e. /url 1
2) weenotify.py Uses libnotify to alert a user of private messages or highlights in any channel.

Screen shots and install instructions are located here hopefully there will be a patch released for 0.2.6 but either way I am staying on the Dev version.

Tags: ,

Thursday, March 19th, 2009 Ubuntu

4 Comments to Weechat Security Issues

  1. Or you could use irssi. 😀

    /hides

  2. Jacob Peddicord on March 20th, 2009
  3. No ways have you seen the new devel version of weechat? It has built in tetris and mastermind! Talk about being productive at work. 🙂

    /me recompiles todays patches.

  4. drubin on March 20th, 2009
  5. […] have been using the devel version of weechat since the security issue was […]

  6. Weechat Urlgrab Script drubin’s blog on April 26th, 2009
  7. […] have been using the devel version of Weechat since about march 2009 because of a exploit in 0.2.6 (Which has been fixed in the repo’s from […]

  8. My Weechat Setup Rants of a mobile dev on December 6th, 2009