diff options
Diffstat (limited to 'NEWS')
| -rw-r--r-- | NEWS | 9 |
1 files changed, 8 insertions, 1 deletions
@@ -1,8 +1,15 @@ +Debian's w3m 0.5.3+gitYYYYMMDD + +* bug fixes + Debian's w3m 0.5.3+git20161120 * bug fixes - fix multiple flaws with malformed text (stack overflow, buffer overflow, null deref, out of memory) + [CVE-2016-9622], [CVE-2016-9623], [CVE-2016-9624], [CVE-2016-9625], + [CVE-2016-9626], [CVE-2016-9627], [CVE-2016-9628], [CVE-2016-9629], + [CVE-2016-9630], [CVE-2016-9631], [CVE-2016-9632], [CVE-2016-9633] - fix stack overflow with nested table and textarea [CVE-2016-9439] - fix suspend (^Z) behavior @@ -27,7 +34,7 @@ Debian's w3m 0.5.3+git20161031 [CVE-2016-9426], [CVE-2016-9428], [CVE-2016-9429], [CVE-2016-9430], [CVE-2016-9431], [CVE-2016-9432], [CVE-2016-9433], [CVE-2016-9434], [CVE-2016-9435], [CVE-2016-9436], [CVE-2016-9437], [CVE-2016-9438], - [CVE-2016-9440], [CVE-2016-9441], [CVE-2016-9443] + [CVE-2016-9440], [CVE-2016-9441], [CVE-2016-9443], [CVE-2016-9621] - fix potential heap buffer corruption due to Strgrow [CVE-2016-9442] - disable SSLv2 and SSLv3 by default [CVE-2014-3566] - set ssl_verify_server to 1 by default |