diff options
-rw-r--r-- | ChangeLog | 32 | ||||
-rw-r--r-- | NEWS | 20 | ||||
-rw-r--r-- | menu.c | 2 |
3 files changed, 36 insertions, 18 deletions
@@ -1,3 +1,7 @@ +2016-11-20 Tatsuya Kinoshita <tats@debian.org> + + * NEWS: Update NEWS. + 2016-11-19 Tatsuya Kinoshita <tats@debian.org> * NEWS: Update NEWS. @@ -13,15 +17,15 @@ * libwc/ucs.c, libwc/ucs.map: Prevent global-buffer-overflow in wc_any_to_ucs(). - Bug-Debian: https://github.com/tats/w3m/issues/43 + Bug-Debian: https://github.com/tats/w3m/issues/43 [CVE-2016-9632] 2016-11-17 Tatsuya Kinoshita <tats@debian.org> * url.c: Prevent global-buffer-overflow in parseURL(). - Bug-Debian: https://github.com/tats/w3m/issues/41 + Bug-Debian: https://github.com/tats/w3m/issues/41 [CVE-2016-9630] * file.c: Prevent deref null pointer in HTMLlineproc0(). - Bug-Debian: https://github.com/tats/w3m/issues/42 + Bug-Debian: https://github.com/tats/w3m/issues/42 [CVE-2016-9631] 2016-11-15 Tatsuya Kinoshita <tats@debian.org> @@ -38,16 +42,16 @@ This reverts commit f393faf55975a94217df479e1bd06ee4403c6958. * anchor.c: Prevent deref null pointer in shiftAnchorPosition(). - Bug-Debian: https://github.com/tats/w3m/issues/40 + Bug-Debian: https://github.com/tats/w3m/issues/40 [CVE-2016-9629] 2016-11-14 Tatsuya Kinoshita <tats@debian.org> * file.c: Prevent null pointer deref due to bad form id. - Bug-Debian: https://github.com/tats/w3m/issues/39 + Bug-Debian: https://github.com/tats/w3m/issues/39 [CVE-2016-9628] * display.c, file.c, fm.h, symbol.c: Prevent array index out of bounds for symbol. - Bug-Debian: https://github.com/tats/w3m/issues/38 + Bug-Debian: https://github.com/tats/w3m/issues/38 [CVE-2016-9627] 2016-11-13 Tatsuya Kinoshita <tats@debian.org> @@ -65,12 +69,12 @@ 2016-11-09 Tatsuya Kinoshita <tats@debian.org> * table.c: Check indent_level to prevent infinite recursion. - Bug-Debian: https://github.com/tats/w3m/issues/37 + Bug-Debian: https://github.com/tats/w3m/issues/37 [CVE-2016-9626] 2016-11-07 Tatsuya Kinoshita <tats@debian.org> * file.c: Prevent infinite recursion in HTMLlineproc0. - Bug-Debian: https://github.com/tats/w3m/issues/36 + Bug-Debian: https://github.com/tats/w3m/issues/36 [CVE-2016-9625] * NEWS, w3m-doc/install.html.in: Update documents for included w3mdict.cgi. @@ -86,16 +90,16 @@ 2016-11-07 Tatsuya Kinoshita <tats@debian.org> * form.c: Prevent dereference near-null pointer in formUpdateBuffer. - Bug-Debian: https://github.com/tats/w3m/issues/35 + Bug-Debian: https://github.com/tats/w3m/issues/35 [CVE-2016-9624] * file.c: Prevent crash after allocate string of negative size. - Bug-Debian: https://github.com/tats/w3m/issues/33 + Bug-Debian: https://github.com/tats/w3m/issues/33 [CVE-2016-9623] * file.c: Prevent memory exhausted due to repeat appending "</table>". - Bug-Debian: https://github.com/tats/w3m/issues/23 + Bug-Debian: https://github.com/tats/w3m/issues/23 [CVE-2016-9633] * file.c: Prevent null pointer dereference in HTMLlineproc2body. - Bug-Debian: https://github.com/tats/w3m/issues/32 + Bug-Debian: https://github.com/tats/w3m/issues/32 [CVE-2016-9622] 2016-10-31 Tatsuya Kinoshita <tats@debian.org> @@ -133,7 +137,7 @@ Bug-Debian: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=838952 * form.c: Prevent global-buffer-overflow write in formUpdateBuffer. - Bug-Debian: https://github.com/tats/w3m/issues/29 [CVE-2016-9429] + Bug-Debian: https://github.com/tats/w3m/issues/29 [CVE-2016-9429] [CVE-2016-9621] * form.c: Fix null pointer dereference in formUpdateBuffer. Bug-Debian: https://github.com/tats/w3m/issues/28 [CVE-2016-9443] @@ -411,7 +415,7 @@ * doc-jp/MANUAL.html, doc/MANUAL.html, fm.h, main.c, rc.c: Add extbrowser4, extbrowser5, ..., and extbrowser9. e.g. - - extbrowser8 url=%s && printf %s "$url" | xsel && printf %s "$url" | xsel -b + - extbrowser8 url=%s && printf %s "$url" | xsel && printf %s "$url" | xsel -b & - extbrowser9 mpv %s & cf. https://github.com/spcmd/w3m @@ -1,4 +1,19 @@ -w3m X.X.X - YYYY-MM-DD +Debian's w3m 0.5.3+gitYYYYMMDD + +* bug fixes + +Debian's w3m 0.5.3+git20161120 + +* bug fixes + - fix multiple flaws with malformed text + (stack overflow, buffer overflow, null deref, out of memory) + [CVE-2016-9622], [CVE-2016-9623], [CVE-2016-9624], [CVE-2016-9625], + [CVE-2016-9626], [CVE-2016-9627], [CVE-2016-9628], [CVE-2016-9629], + [CVE-2016-9630], [CVE-2016-9631], [CVE-2016-9632], [CVE-2016-9633] + - fix stack overflow with nested table and textarea [CVE-2016-9439] + - fix suspend (^Z) behavior + +Debian's w3m 0.5.3+git20161031 * new features - support OSC 5379 remote imaging and sixel graphics @@ -19,7 +34,7 @@ w3m X.X.X - YYYY-MM-DD [CVE-2016-9426], [CVE-2016-9428], [CVE-2016-9429], [CVE-2016-9430], [CVE-2016-9431], [CVE-2016-9432], [CVE-2016-9433], [CVE-2016-9434], [CVE-2016-9435], [CVE-2016-9436], [CVE-2016-9437], [CVE-2016-9438], - [CVE-2016-9439], [CVE-2016-9440], [CVE-2016-9441], [CVE-2016-9443] + [CVE-2016-9440], [CVE-2016-9441], [CVE-2016-9443], [CVE-2016-9621] - fix potential heap buffer corruption due to Strgrow [CVE-2016-9442] - disable SSLv2 and SSLv3 by default [CVE-2014-3566] - set ssl_verify_server to 1 by default @@ -40,7 +55,6 @@ w3m X.X.X - YYYY-MM-DD - fix build problems with Boehm GC 7.2, imlib2 1.4.6 and glibc 2.14 - fix parallel make failure - fix incorrect ucs_ambwidth_map - - fix suspend (^Z) behavior - and many fixes w3m 0.5.3 - 2011-01-15 @@ -1741,7 +1741,7 @@ initMenu(void) FILE *mf; MenuList *list; - w3mMenuList = New_N(MenuList, 3); + w3mMenuList = New_N(MenuList, 4); w3mMenuList[0].id = "Main"; w3mMenuList[0].menu = &MainMenu; w3mMenuList[0].item = MainMenuItem; |