aboutsummaryrefslogtreecommitdiffstats
path: root/NEWS
diff options
context:
space:
mode:
Diffstat (limited to '')
-rw-r--r--NEWS9
1 files changed, 8 insertions, 1 deletions
diff --git a/NEWS b/NEWS
index b80e8ed..ee32612 100644
--- a/NEWS
+++ b/NEWS
@@ -1,8 +1,15 @@
+Debian's w3m 0.5.3+gitYYYYMMDD
+
+* bug fixes
+
Debian's w3m 0.5.3+git20161120
* bug fixes
- fix multiple flaws with malformed text
(stack overflow, buffer overflow, null deref, out of memory)
+ [CVE-2016-9622], [CVE-2016-9623], [CVE-2016-9624], [CVE-2016-9625],
+ [CVE-2016-9626], [CVE-2016-9627], [CVE-2016-9628], [CVE-2016-9629],
+ [CVE-2016-9630], [CVE-2016-9631], [CVE-2016-9632], [CVE-2016-9633]
- fix stack overflow with nested table and textarea [CVE-2016-9439]
- fix suspend (^Z) behavior
@@ -27,7 +34,7 @@ Debian's w3m 0.5.3+git20161031
[CVE-2016-9426], [CVE-2016-9428], [CVE-2016-9429], [CVE-2016-9430],
[CVE-2016-9431], [CVE-2016-9432], [CVE-2016-9433], [CVE-2016-9434],
[CVE-2016-9435], [CVE-2016-9436], [CVE-2016-9437], [CVE-2016-9438],
- [CVE-2016-9440], [CVE-2016-9441], [CVE-2016-9443]
+ [CVE-2016-9440], [CVE-2016-9441], [CVE-2016-9443], [CVE-2016-9621]
- fix potential heap buffer corruption due to Strgrow [CVE-2016-9442]
- disable SSLv2 and SSLv3 by default [CVE-2014-3566]
- set ssl_verify_server to 1 by default