aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorTatsuya Kinoshita <tats@debian.org>2016-11-19 06:41:22 +0000
committerTatsuya Kinoshita <tats@debian.org>2016-11-19 06:41:22 +0000
commitfdfab25608f827945ab6c99c60708bd39868ddfd (patch)
treea00072265f43efd26b9e658d6a40c63aff7a91e4
parentUpdate ChangeLog (diff)
downloadw3m-fdfab25608f827945ab6c99c60708bd39868ddfd.tar.gz
w3m-fdfab25608f827945ab6c99c60708bd39868ddfd.zip
Update NEWS
Diffstat (limited to '')
-rw-r--r--NEWS4
1 files changed, 2 insertions, 2 deletions
diff --git a/NEWS b/NEWS
index 769dce5..d005cbc 100644
--- a/NEWS
+++ b/NEWS
@@ -19,8 +19,8 @@ w3m X.X.X - YYYY-MM-DD
[CVE-2016-9426], [CVE-2016-9428], [CVE-2016-9429], [CVE-2016-9430],
[CVE-2016-9431], [CVE-2016-9432], [CVE-2016-9433], [CVE-2016-9434],
[CVE-2016-9435], [CVE-2016-9436], [CVE-2016-9437], [CVE-2016-9438],
- [CVE-2016-9439], [CVE-2016-9440], [CVE-2016-9441], [CVE-2016-9442],
- [CVE-2016-9443]
+ [CVE-2016-9439], [CVE-2016-9440], [CVE-2016-9441], [CVE-2016-9443]
+ - fix potential heap buffer corruption due to Strgrow [CVE-2016-9442]
- disable SSLv2 and SSLv3 by default [CVE-2014-3566]
- set ssl_verify_server to 1 by default
- disable RC4, export ciphers, and keys < 128 bits