Update NEWS

author: Tatsuya Kinoshita <tats@debian.org> 2016-11-19 06:41:22 +0000
committer: Tatsuya Kinoshita <tats@debian.org> 2016-11-19 06:41:22 +0000
commit: fdfab25608f827945ab6c99c60708bd39868ddfd (patch)
tree: a00072265f43efd26b9e658d6a40c63aff7a91e4 /NEWS
parent: Update ChangeLog (diff)
download: w3m-fdfab25608f827945ab6c99c60708bd39868ddfd.tar.gz
w3m-fdfab25608f827945ab6c99c60708bd39868ddfd.zip
1 files changed, 2 insertions, 2 deletions
diff --git a/NEWS b/NEWS
index 769dce5..d005cbc 100644
--- a/NEWS
+++ b/NEWS
@@ -19,8 +19,8 @@ w3m X.X.X - YYYY-MM-DD
    [CVE-2016-9426], [CVE-2016-9428], [CVE-2016-9429], [CVE-2016-9430],
    [CVE-2016-9431], [CVE-2016-9432], [CVE-2016-9433], [CVE-2016-9434],
    [CVE-2016-9435], [CVE-2016-9436], [CVE-2016-9437], [CVE-2016-9438],
-   [CVE-2016-9439], [CVE-2016-9440], [CVE-2016-9441], [CVE-2016-9442],
-   [CVE-2016-9443]
+   [CVE-2016-9439], [CVE-2016-9440], [CVE-2016-9441], [CVE-2016-9443]
+ - fix potential heap buffer corruption due to Strgrow [CVE-2016-9442]
  - disable SSLv2 and SSLv3 by default [CVE-2014-3566]
  - set ssl_verify_server to 1 by default
  - disable RC4, export ciphers, and keys < 128 bits
author	Tatsuya Kinoshita <tats@debian.org>	2016-11-19 06:41:22 +0000
committer	Tatsuya Kinoshita <tats@debian.org>	2016-11-19 06:41:22 +0000
commit	fdfab25608f827945ab6c99c60708bd39868ddfd (patch)
tree	a00072265f43efd26b9e658d6a40c63aff7a91e4 /NEWS
parent	Update ChangeLog (diff)
download	w3m-fdfab25608f827945ab6c99c60708bd39868ddfd.tar.gz w3m-fdfab25608f827945ab6c99c60708bd39868ddfd.zip