From 5fb44be9a60f13a643c9949ca0c451609c91028e Mon Sep 17 00:00:00 2001
From: Tatsuya Kinoshita <tats@debian.org>
Date: Fri, 18 Nov 2016 23:29:47 +0900
Subject: Add CVE IDs

cf. https://security-tracker.debian.org/tracker/source-package/w3m
    http://seclists.org/oss-sec/2016/q4/452
---
 NEWS | 6 ++++++
 1 file changed, 6 insertions(+)

(limited to 'NEWS')

diff --git a/NEWS b/NEWS
index 69a85a5..769dce5 100644
--- a/NEWS
+++ b/NEWS
@@ -15,6 +15,12 @@ w3m X.X.X - YYYY-MM-DD
  - add translations for de, zh_CN and zh_TW
 * bug fixes
  - fix multiple flaws with malformed text
+   [CVE-2016-9422], [CVE-2016-9423], [CVE-2016-9424], [CVE-2016-9425],
+   [CVE-2016-9426], [CVE-2016-9428], [CVE-2016-9429], [CVE-2016-9430],
+   [CVE-2016-9431], [CVE-2016-9432], [CVE-2016-9433], [CVE-2016-9434],
+   [CVE-2016-9435], [CVE-2016-9436], [CVE-2016-9437], [CVE-2016-9438],
+   [CVE-2016-9439], [CVE-2016-9440], [CVE-2016-9441], [CVE-2016-9442],
+   [CVE-2016-9443]
  - disable SSLv2 and SSLv3 by default [CVE-2014-3566]
  - set ssl_verify_server to 1 by default
  - disable RC4, export ciphers, and keys < 128 bits
-- 
cgit v1.2.3