SEARCH
NEW RPMS
DIRECTORIES
ABOUT
FAQ
VARIOUS
BLOG

 
 
Changelog for w3m-inline-image-0.5.3.git20161120-204.1.x86_64.rpm :
Thu Nov 24 13:00:00 2016 Thomas.BlumeAATTsuse.com
- update to debian git version (bsc#1011293)
addressed security issues:
CVE-2016-9621: w3m: global-buffer-overflow write (bsc#1012020)
CVE-2016-9622: w3m: null deref (bsc#1012021)
CVE-2016-9623: w3m: null deref (bsc#1012022)
CVE-2016-9624: w3m: near-null deref (bsc#1012023)
CVE-2016-9625: w3m: stack overflow (bsc#1012024)
CVE-2016-9626: w3m: stack overflow (bsc#1012025)
CVE-2016-9627: w3m: heap overflow read + deref (bsc#1012026)
CVE-2016-9628: w3m: null deref (bsc#1012027)
CVE-2016-9629: w3m: null deref (bsc#1012028)
CVE-2016-9630: w3m: global-buffer-overflow read (bsc#1012029)
CVE-2016-9631: w3m: null deref (bsc#1012030)
CVE-2016-9632: w3m: global-buffer-overflow read (bsc#1012031)
CVE-2016-9633: w3m: OOM (bsc#1012032)
CVE-2016-9434: w3m: null deref (bsc#1011283)
CVE-2016-9435: w3m: use uninit value (bsc#1011284)
CVE-2016-9436: w3m: use uninit value (bsc#1011285)
CVE-2016-9437: w3m: write to rodata (bsc#1011286)
CVE-2016-9438: w3m: null deref (bsc#1011287)
CVE-2016-9439: w3m: stack overflow (bsc#1011288)
CVE-2016-9440: w3m: near-null deref (bsc#1011289)
CVE-2016-9441: w3m: near-null deref (bsc#1011290)
CVE-2016-9442: w3m: potential heap buffer corruption (bsc#1011291)
CVE-2016-9443: w3m: null deref (bsc#1011292)
dropped patches:
w3m-fix-build-with-imlib2-1.4.6.patch
w3m-scheme.patch
w3mman-formatting.patch
w3m-parallel-make.patch
w3m-gc7.diff
w3m-openssl.patch
w3m-closedir.patch
w3m-fh-def.patch
w3m-ssl-verify.patch
w3m-parsetagx-crash.patch
w3m-tempdir-override.patch
w3m-0.5.1-no-ASCII-equivalents-by-default.patch
w3m-uninitialized.patch
w3m-inline-image.patch
w3m-0.4.1-textarea-segfault.dif
ported patches:
w3m-disable-cookie-special-domain-check.patch to
0001-allow-to-configure-the-accept-option-for-bad-cookies.patch
w3m-0.4.1-session-mgmt.dif to
0001-implements-simple-session-management.patch
w3m-history-crossdev.patch to
0001-handle-EXDEV-during-history-file-rename.patch
w3mman-formatting.patch to
0001-w3mman-don-t-show-invalid-characters-bsc-950800.patch

Fri Jun 24 14:00:00 2016 fweissAATTsuse.com
- w3mman-formatting.patch: w3mman now doesn\'t show invalid
characters anymore (bsc#950800)

Wed Jun 22 14:00:00 2016 maxAATTsuse.com
- Add w3m-scheme.patch to fix a segfault when doing a https request
to an unresolvable host (bsc#950468).

Mon Mar 2 13:00:00 2015 mlinAATTsuse.com
- Add w3m-fix-build-with-imlib2-1.4.6.patch: fix build with imlib2 1.4.6,
the patch is from Debian. See http://sourceforge.net/p/w3m/patches/70/

Sun Dec 21 13:00:00 2014 meissnerAATTsuse.com
- build with PIE support

Wed Mar 12 13:00:00 2014 schwabAATTlinux-m68k.org
- w3m-parallel-make.patch: More dependency fixes for parallel build

Tue Aug 20 14:00:00 2013 schwabAATTsuse.de
- w3m-parallel-make.patch: Fix missing dependency for parallel build

Fri Jun 21 14:00:00 2013 crrodriguezAATTopensuse.org
- attempting to download a large file will end in total fail
on 32bit archs, use LFS_CFLAGS to fix that problem.

Thu Mar 21 13:00:00 2013 jengelhAATTinai.de
- Make w3m compile with gc 7.x (adds w3m-gc7.diff),
and also use the system libgc.

Mon Nov 12 13:00:00 2012 crrodriguezAATTopensuse.org
- Due to the \"CRIME attack\" (CVE-2012-4929) HTTPS clients
that negotiate TLS-level compression can be abused for
MITM attacks. (w3m-openssl.patch)
- Use SSL_MODE_RELEASE_BUFFERS if available .

Fri Sep 28 14:00:00 2012 cfarrellAATTsuse.com
- license update: ISC
w3m permissive license much more akin to ISC (spdx.org/licenses/ISC) than
to either BSD or MIT

Thu Sep 27 14:00:00 2012 crrodriguezAATTopensuse.org
- Build with OPENSSL_NO_SSL_INTERN, poor\'s man visibility
to avoid ABI breaks between different openssl version.
- Also define _GNU_SOURCE to allow some extra optimizations
with recent GCC versions.

Fri Mar 23 13:00:00 2012 maxAATTsuse.com
- Removed w3m-helppaths.patch, because it broke interactive help
(bnc#747560). It was a leftover that should have been removed
as part of the May 2011 package overhaul.

Tue Aug 30 14:00:00 2011 crrodriguezAATTopensuse.org
- Fix build error: redefinition of \'struct file_handle\'

Sat Jul 30 14:00:00 2011 crrodriguezAATTopensuse.org
- Use ncursesw6 instead of old ncurses5

Fri May 20 14:00:00 2011 maxAATTnovell.com
- Overhaul the package
- Add license files and other stuff from the doc subcdir
(bnc#666935).

Tue Jan 18 13:00:00 2011 maxAATTnovell.com
- Version 0.5.3:

* security fix
- fix vulnerabilities indicated by bugs.debian.org.
- suppress sending Referer, if https:// -> http://

* new features
- adapt w3mimg to native windows on MS Windows.
- support xterm-incompatible terminals without gpm.
- add \"xhtml\" to default guess.
- introduce option pseudo_inlines.
- add option to avoid \"wrong number of dots\" error in cookies.

* other bug fixes
- fix \"important\" bugs from bugs.debian.org
- preserve spaces in multibyte context.
- fix proxy authentication.

Tue Jun 15 14:00:00 2010 maxAATTsuse.de
- Fix handling of embedded nul characters in certificate subjects.
(bnc#609451, CVE-2010-2074).
- Turn on certificate verification by default.

Thu Dec 31 13:00:00 2009 jengelhAATTmedozas.de
- enable parallel build

Tue Nov 3 13:00:00 2009 cooloAATTnovell.com
- updated patches to apply with fuzz=0

Mon Sep 7 14:00:00 2009 maxAATTsuse.de
- Added w3m-closedir.patch to fix a directory descriptor leak in
loadLocalDir (bnc#531675).

Mon Aug 3 14:00:00 2009 jansimon.moellerAATTopensuse.org
- small patch for gc to work with qemu-arm on the workers


  
ICM