aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorTatsuya Kinoshita <tats@debian.org>2018-01-25 09:23:40 +0000
committerTatsuya Kinoshita <tats@debian.org>2018-01-25 09:23:40 +0000
commit01d41d49b273a8cc75b27c6ab42291b46004fc0c (patch)
tree007b91e45de50d06ceef3458fd5b8c123b09f3be
parentUpdate ChangeLog (diff)
downloadw3m-01d41d49b273a8cc75b27c6ab42291b46004fc0c.tar.gz
w3m-01d41d49b273a8cc75b27c6ab42291b46004fc0c.zip
Add CVE IDs
cf. https://security-tracker.debian.org/tracker/source-package/w3m
Diffstat (limited to '')
-rw-r--r--ChangeLog6
-rw-r--r--NEWS8
2 files changed, 8 insertions, 6 deletions
diff --git a/ChangeLog b/ChangeLog
index 65bd46e..8e29091 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -6,6 +6,8 @@
* config.h.dist, config.h.in, configure, configure.ac, main.c, rc.c:
Make temporary directory safely when ~/.w3m is unwritable.
+ Bug-Debian: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=888097
+ [CVE-2018-6198]
* rc.c: Suppress error messages when ~/.w3m is unwritable.
Bug-Debian: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=871425
@@ -16,7 +18,7 @@
Update config.* with autotools-dev 20171216.1.
* table.c: Prevent negative indent value in feed_table_block_tag().
- Bug-Debian: https://github.com/tats/w3m/issues/88
+ Bug-Debian: https://github.com/tats/w3m/issues/88 [CVE-2018-6196]
2018-01-06 Tatsuya Kinoshita <tats@debian.org>
@@ -39,7 +41,7 @@
2017-12-27 Tatsuya Kinoshita <tats@debian.org>
* form.c: Prevent invalid columnPos() call in formUpdateBuffer().
- Bug-Debian: https://github.com/tats/w3m/issues/89
+ Bug-Debian: https://github.com/tats/w3m/issues/89 [CVE-2018-6197]
* main.c: Typo fix in fusage().
Bug-Debian: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=878106
diff --git a/NEWS b/NEWS
index b05301b..4ed621a 100644
--- a/NEWS
+++ b/NEWS
@@ -1,9 +1,9 @@
-Debian's w3m 0.5.3+git20180121
+Debian's w3m 0.5.3+git20180125
* bug fixes
- - fix stack overflow with malformed text
- - fix null deref with malformed text
- - make temporary directory safely when ~/.w3m is unwritable
+ - fix stack overflow with malformed text [CVE-2018-6196]
+ - fix null deref with malformed text [CVE-2018-6197]
+ - fix /tmp file races only when ~/.w3m is unwritable [CVE-2018-6198]
- do not remove w3mdict.cgi when "make distclean"
- do not turn a form's GET into POST
- correct <base ...> parsing