From 8d31b4bab3f1f14d66654de3b3221121d26b9813 Mon Sep 17 00:00:00 2001
From: Tatsuya Kinoshita <tats@debian.org>
Date: Thu, 24 Nov 2016 20:27:24 +0900
Subject: Add CVE IDs

cf. https://security-tracker.debian.org/tracker/source-package/w3m
    http://www.openwall.com/lists/oss-security/2016/11/24/1
---
 NEWS | 9 ++++++++-
 1 file changed, 8 insertions(+), 1 deletion(-)

(limited to 'NEWS')

diff --git a/NEWS b/NEWS
index b80e8ed..ee32612 100644
--- a/NEWS
+++ b/NEWS
@@ -1,8 +1,15 @@
+Debian's w3m 0.5.3+gitYYYYMMDD
+
+* bug fixes
+
 Debian's w3m 0.5.3+git20161120
 
 * bug fixes
  - fix multiple flaws with malformed text
    (stack overflow, buffer overflow, null deref, out of memory)
+   [CVE-2016-9622], [CVE-2016-9623], [CVE-2016-9624], [CVE-2016-9625],
+   [CVE-2016-9626], [CVE-2016-9627], [CVE-2016-9628], [CVE-2016-9629],
+   [CVE-2016-9630], [CVE-2016-9631], [CVE-2016-9632], [CVE-2016-9633]
  - fix stack overflow with nested table and textarea [CVE-2016-9439]
  - fix suspend (^Z) behavior
 
@@ -27,7 +34,7 @@ Debian's w3m 0.5.3+git20161031
    [CVE-2016-9426], [CVE-2016-9428], [CVE-2016-9429], [CVE-2016-9430],
    [CVE-2016-9431], [CVE-2016-9432], [CVE-2016-9433], [CVE-2016-9434],
    [CVE-2016-9435], [CVE-2016-9436], [CVE-2016-9437], [CVE-2016-9438],
-   [CVE-2016-9440], [CVE-2016-9441], [CVE-2016-9443]
+   [CVE-2016-9440], [CVE-2016-9441], [CVE-2016-9443], [CVE-2016-9621]
  - fix potential heap buffer corruption due to Strgrow [CVE-2016-9442]
  - disable SSLv2 and SSLv3 by default [CVE-2014-3566]
  - set ssl_verify_server to 1 by default
-- 
cgit v1.2.3