aboutsummaryrefslogtreecommitdiffstats
path: root/NEWS
diff options
context:
space:
mode:
authorTatsuya Kinoshita <tats@debian.org>2016-11-24 11:27:24 +0000
committerTatsuya Kinoshita <tats@debian.org>2016-11-27 07:53:15 +0000
commit8d31b4bab3f1f14d66654de3b3221121d26b9813 (patch)
treed4dc1b0d5287132757ffb6582e2bd5056c27b3c0 /NEWS
parentUpdate ChangeLog (diff)
downloadw3m-8d31b4bab3f1f14d66654de3b3221121d26b9813.tar.gz
w3m-8d31b4bab3f1f14d66654de3b3221121d26b9813.zip
Add CVE IDs
cf. https://security-tracker.debian.org/tracker/source-package/w3m http://www.openwall.com/lists/oss-security/2016/11/24/1
Diffstat (limited to '')
-rw-r--r--NEWS9
1 files changed, 8 insertions, 1 deletions
diff --git a/NEWS b/NEWS
index b80e8ed..ee32612 100644
--- a/NEWS
+++ b/NEWS
@@ -1,8 +1,15 @@
+Debian's w3m 0.5.3+gitYYYYMMDD
+
+* bug fixes
+
Debian's w3m 0.5.3+git20161120
* bug fixes
- fix multiple flaws with malformed text
(stack overflow, buffer overflow, null deref, out of memory)
+ [CVE-2016-9622], [CVE-2016-9623], [CVE-2016-9624], [CVE-2016-9625],
+ [CVE-2016-9626], [CVE-2016-9627], [CVE-2016-9628], [CVE-2016-9629],
+ [CVE-2016-9630], [CVE-2016-9631], [CVE-2016-9632], [CVE-2016-9633]
- fix stack overflow with nested table and textarea [CVE-2016-9439]
- fix suspend (^Z) behavior
@@ -27,7 +34,7 @@ Debian's w3m 0.5.3+git20161031
[CVE-2016-9426], [CVE-2016-9428], [CVE-2016-9429], [CVE-2016-9430],
[CVE-2016-9431], [CVE-2016-9432], [CVE-2016-9433], [CVE-2016-9434],
[CVE-2016-9435], [CVE-2016-9436], [CVE-2016-9437], [CVE-2016-9438],
- [CVE-2016-9440], [CVE-2016-9441], [CVE-2016-9443]
+ [CVE-2016-9440], [CVE-2016-9441], [CVE-2016-9443], [CVE-2016-9621]
- fix potential heap buffer corruption due to Strgrow [CVE-2016-9442]
- disable SSLv2 and SSLv3 by default [CVE-2014-3566]
- set ssl_verify_server to 1 by default