SEARCH
NEW RPMS
DIRECTORIES
ABOUT
FAQ
VARIOUS
BLOG

 
 
Changelog for w3m-debuginfo-0.5.3+git20230121-4.1.i586.rpm :

* Tue Jul 25 2023 Thomas Blume - CVE-2023-38253: out-of-bounds read in growbuf_to_Str() at w3m/indep.c (bsc#1213323)- CVE-2023-38252 out-of-bounds read in Strnew_size() at w3m/Str.c (bsc#1213324)- add 0001-Fix-OOB-access-due-to-multiple-backspaces.patch
* Fri Apr 28 2023 Muhammad Akbar Yanuar Mantari - update to version 0.5.3+git20230121- add 0001-Update-German-message-catalogue.patch- dropped patches: 0001-allow-to-configure-the-accept-option-for-bad-cookies.patch 0001-implements-simple-session-management.patch 0001-handle-EXDEV-during-history-file-rename.patch 0001-w3mman-don-t-show-invalid-characters-bsc-950800.patch 0001-Fix-warning-for-unused-variable-without-USE_M17N.patch 0002-Fix-m17n-backspace-handling-causes-out-of-bounds-wri.patch
* Tue Jan 10 2023 Thomas Blume - CVE-2022-38223 Out-of-bounds write in checkType located in etc.c (bsc#1202684) - add: 0002-Fix-m17n-backspace-handling-causes-out-of-bounds-wri.patch 0001-Fix-warning-for-unused-variable-without-USE_M17N.patch
* Thu Jan 25 2018 Thomas.BlumeAATTsuse.com- add git ChangeLog to /usr/share/doc/w3m/- update to version 0.5.3+git20180125 addressed security issue: CVE-2018-6196: w3m: an infinite recursion flaw in HTMLlineproc0 because the feed_table_block_tag function in table.c does not prevent a negative indent value allows for (bsc#1077559) CVE-2018-6197: w3m: NULL pointer dereference flaw in formUpdateBuffer in form.c (bsc#1077568) CVE-2018-6198: w3m: does not properly handle temporary files when the ~/.w3m directory is unwritable, which allows a local attacker to craft a symlink attack to overwrite arbitrary files (bsc#1077572) other changes, bugfixes see: /usr/share/doc/w3m/ChangeLog
* Thu Nov 24 2016 Thomas.BlumeAATTsuse.com- update to debian git version (bsc#1011293) addressed security issues: CVE-2016-9621: w3m: global-buffer-overflow write (bsc#1012020) CVE-2016-9622: w3m: null deref (bsc#1012021) CVE-2016-9623: w3m: null deref (bsc#1012022) CVE-2016-9624: w3m: near-null deref (bsc#1012023) CVE-2016-9625: w3m: stack overflow (bsc#1012024) CVE-2016-9626: w3m: stack overflow (bsc#1012025) CVE-2016-9627: w3m: heap overflow read + deref (bsc#1012026) CVE-2016-9628: w3m: null deref (bsc#1012027) CVE-2016-9629: w3m: null deref (bsc#1012028) CVE-2016-9630: w3m: global-buffer-overflow read (bsc#1012029) CVE-2016-9631: w3m: null deref (bsc#1012030) CVE-2016-9632: w3m: global-buffer-overflow read (bsc#1012031) CVE-2016-9633: w3m: OOM (bsc#1012032) CVE-2016-9434: w3m: null deref (bsc#1011283) CVE-2016-9435: w3m: use uninit value (bsc#1011284) CVE-2016-9436: w3m: use uninit value (bsc#1011285) CVE-2016-9437: w3m: write to rodata (bsc#1011286) CVE-2016-9438: w3m: null deref (bsc#1011287) CVE-2016-9439: w3m: stack overflow (bsc#1011288) CVE-2016-9440: w3m: near-null deref (bsc#1011289) CVE-2016-9441: w3m: near-null deref (bsc#1011290) CVE-2016-9442: w3m: potential heap buffer corruption (bsc#1011291) CVE-2016-9443: w3m: null deref (bsc#1011292) dropped patches: w3m-fix-build-with-imlib2-1.4.6.patch w3m-scheme.patch w3mman-formatting.patch w3m-parallel-make.patch w3m-gc7.diff w3m-openssl.patch w3m-closedir.patch w3m-fh-def.patch w3m-ssl-verify.patch w3m-parsetagx-crash.patch w3m-tempdir-override.patch w3m-0.5.1-no-ASCII-equivalents-by-default.patch w3m-uninitialized.patch w3m-inline-image.patch w3m-0.4.1-textarea-segfault.dif ported patches: w3m-disable-cookie-special-domain-check.patch to 0001-allow-to-configure-the-accept-option-for-bad-cookies.patch w3m-0.4.1-session-mgmt.dif to 0001-implements-simple-session-management.patch w3m-history-crossdev.patch to 0001-handle-EXDEV-during-history-file-rename.patch w3mman-formatting.patch to 0001-w3mman-don-t-show-invalid-characters-bsc-950800.patch
* Fri Jun 24 2016 fweissAATTsuse.com- w3mman-formatting.patch: w3mman now doesn\'t show invalid characters anymore (bsc#950800)
* Wed Jun 22 2016 maxAATTsuse.com- Add w3m-scheme.patch to fix a segfault when doing a https request to an unresolvable host (bsc#950468).
* Mon Mar 02 2015 mlinAATTsuse.com- Add w3m-fix-build-with-imlib2-1.4.6.patch: fix build with imlib2 1.4.6, the patch is from Debian. See http://sourceforge.net/p/w3m/patches/70/
* Sun Dec 21 2014 meissnerAATTsuse.com- build with PIE support
* Wed Mar 12 2014 schwabAATTlinux-m68k.org- w3m-parallel-make.patch: More dependency fixes for parallel build
  
ICM