diff options
author | Tatsuya Kinoshita <tats@debian.org> | 2018-01-25 09:23:40 +0000 |
---|---|---|
committer | Tatsuya Kinoshita <tats@debian.org> | 2018-01-25 09:23:40 +0000 |
commit | 01d41d49b273a8cc75b27c6ab42291b46004fc0c (patch) | |
tree | 007b91e45de50d06ceef3458fd5b8c123b09f3be | |
parent | Update ChangeLog (diff) | |
download | w3m-01d41d49b273a8cc75b27c6ab42291b46004fc0c.tar.gz w3m-01d41d49b273a8cc75b27c6ab42291b46004fc0c.zip |
Add CVE IDs
cf. https://security-tracker.debian.org/tracker/source-package/w3m
Diffstat (limited to '')
-rw-r--r-- | ChangeLog | 6 | ||||
-rw-r--r-- | NEWS | 8 |
2 files changed, 8 insertions, 6 deletions
@@ -6,6 +6,8 @@ * config.h.dist, config.h.in, configure, configure.ac, main.c, rc.c: Make temporary directory safely when ~/.w3m is unwritable. + Bug-Debian: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=888097 + [CVE-2018-6198] * rc.c: Suppress error messages when ~/.w3m is unwritable. Bug-Debian: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=871425 @@ -16,7 +18,7 @@ Update config.* with autotools-dev 20171216.1. * table.c: Prevent negative indent value in feed_table_block_tag(). - Bug-Debian: https://github.com/tats/w3m/issues/88 + Bug-Debian: https://github.com/tats/w3m/issues/88 [CVE-2018-6196] 2018-01-06 Tatsuya Kinoshita <tats@debian.org> @@ -39,7 +41,7 @@ 2017-12-27 Tatsuya Kinoshita <tats@debian.org> * form.c: Prevent invalid columnPos() call in formUpdateBuffer(). - Bug-Debian: https://github.com/tats/w3m/issues/89 + Bug-Debian: https://github.com/tats/w3m/issues/89 [CVE-2018-6197] * main.c: Typo fix in fusage(). Bug-Debian: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=878106 @@ -1,9 +1,9 @@ -Debian's w3m 0.5.3+git20180121 +Debian's w3m 0.5.3+git20180125 * bug fixes - - fix stack overflow with malformed text - - fix null deref with malformed text - - make temporary directory safely when ~/.w3m is unwritable + - fix stack overflow with malformed text [CVE-2018-6196] + - fix null deref with malformed text [CVE-2018-6197] + - fix /tmp file races only when ~/.w3m is unwritable [CVE-2018-6198] - do not remove w3mdict.cgi when "make distclean" - do not turn a form's GET into POST - correct <base ...> parsing |