SEARCH
NEW RPMS
DIRECTORIES
ABOUT
FAQ
VARIOUS
BLOG

 
 
Changelog for w3m-0.5.3+git20180125-11.164.x86_64.rpm :

* Thu Jan 25 2018 Thomas.BlumeAATTsuse.com- add git ChangeLog to /usr/share/doc/w3m/- update to version 0.5.3+git20180125 addressed security issue: CVE-2018-6196: w3m: an infinite recursion flaw in HTMLlineproc0 because the feed_table_block_tag function in table.c does not prevent a negative indent value allows for (bsc#1077559) CVE-2018-6197: w3m: NULL pointer dereference flaw in formUpdateBuffer in form.c (bsc#1077568) CVE-2018-6198: w3m: does not properly handle temporary files when the ~/.w3m directory is unwritable, which allows a local attacker to craft a symlink attack to overwrite arbitrary files (bsc#1077572) other changes, bugfixes see: /usr/share/doc/w3m/ChangeLog
* Thu Nov 24 2016 Thomas.BlumeAATTsuse.com- update to debian git version (bsc#1011293) addressed security issues: CVE-2016-9621: w3m: global-buffer-overflow write (bsc#1012020) CVE-2016-9622: w3m: null deref (bsc#1012021) CVE-2016-9623: w3m: null deref (bsc#1012022) CVE-2016-9624: w3m: near-null deref (bsc#1012023) CVE-2016-9625: w3m: stack overflow (bsc#1012024) CVE-2016-9626: w3m: stack overflow (bsc#1012025) CVE-2016-9627: w3m: heap overflow read + deref (bsc#1012026) CVE-2016-9628: w3m: null deref (bsc#1012027) CVE-2016-9629: w3m: null deref (bsc#1012028) CVE-2016-9630: w3m: global-buffer-overflow read (bsc#1012029) CVE-2016-9631: w3m: null deref (bsc#1012030) CVE-2016-9632: w3m: global-buffer-overflow read (bsc#1012031) CVE-2016-9633: w3m: OOM (bsc#1012032) CVE-2016-9434: w3m: null deref (bsc#1011283) CVE-2016-9435: w3m: use uninit value (bsc#1011284) CVE-2016-9436: w3m: use uninit value (bsc#1011285) CVE-2016-9437: w3m: write to rodata (bsc#1011286) CVE-2016-9438: w3m: null deref (bsc#1011287) CVE-2016-9439: w3m: stack overflow (bsc#1011288) CVE-2016-9440: w3m: near-null deref (bsc#1011289) CVE-2016-9441: w3m: near-null deref (bsc#1011290) CVE-2016-9442: w3m: potential heap buffer corruption (bsc#1011291) CVE-2016-9443: w3m: null deref (bsc#1011292) dropped patches: w3m-fix-build-with-imlib2-1.4.6.patch w3m-scheme.patch w3mman-formatting.patch w3m-parallel-make.patch w3m-gc7.diff w3m-openssl.patch w3m-closedir.patch w3m-fh-def.patch w3m-ssl-verify.patch w3m-parsetagx-crash.patch w3m-tempdir-override.patch w3m-0.5.1-no-ASCII-equivalents-by-default.patch w3m-uninitialized.patch w3m-inline-image.patch w3m-0.4.1-textarea-segfault.dif ported patches: w3m-disable-cookie-special-domain-check.patch to 0001-allow-to-configure-the-accept-option-for-bad-cookies.patch w3m-0.4.1-session-mgmt.dif to 0001-implements-simple-session-management.patch w3m-history-crossdev.patch to 0001-handle-EXDEV-during-history-file-rename.patch w3mman-formatting.patch to 0001-w3mman-don-t-show-invalid-characters-bsc-950800.patch
* Fri Jun 24 2016 fweissAATTsuse.com- w3mman-formatting.patch: w3mman now doesn\'t show invalid characters anymore (bsc#950800)
* Wed Jun 22 2016 maxAATTsuse.com- Add w3m-scheme.patch to fix a segfault when doing a https request to an unresolvable host (bsc#950468).
  
ICM