Debian alert DLA-2195-1 (w3m)
| From: | Thorsten Alteholz <debian@alteholz.de> | |
| To: | debian-lts-announce@lists.debian.org | |
| Subject: | [SECURITY] [DLA 2195-1] w3m security update | |
| Date: | Thu, 30 Apr 2020 17:21:38 +0200 (CEST) | |
| Message-ID: | <alpine.DEB.2.20.2004301719420.19990@jupiter.server.alteholz.net> |
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Package : w3m Version : 0.5.3-19+deb8u3 CVE ID : CVE-2018-6196 CVE-2018-6197 Two issues have been found in w3m, WWW browsable pager with excellent tables/frames support. One issue is related to a stack overflow, the other one is a fix for a null pointer dereference. Brief introduction CVE-2018-6196 Description CVE-2018-6197 Description For Debian 8 "Jessie", these problems have been fixed in version 0.5.3-19+deb8u3. We recommend that you upgrade your w3m packages. Further information about Debian LTS security advisories, how to apply these updates to your system and frequently asked questions can be found at: https://wiki.debian.org/LTS -----BEGIN PGP SIGNATURE----- iQKTBAEBCgB9FiEEYgH7/9u94Hgi6ruWlvysDTh7WEcFAl6q7QJfFIAAAAAALgAo aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDYy MDFGQkZGREJCREUwNzgyMkVBQkI5Njk2RkNBQzBEMzg3QjU4NDcACgkQlvysDTh7 WEcLew//SBppSakxEVoJ9oUBHvuFt84s2NuyhexgUMzbT0ew4b1o4Efz6Ov4WXwI GcRWNUNa2fi7INAQHEo2xnvb7tEzJFUO24oEiI95Rsnn5RmmOAAzhcsVWOWiaX+g BT1goGQgc2+fUn5WPvmsJI6gE6fcuTRLcnqzdUsbpM06g5RNqKzoBejG9BC1mz6y xfdGSw3vBM++ki0N6ndZpe2Zx794V7i8yz9L1Bhv62JsdM2gvcDsIEv0SQDYUrfe sR4h7vCsQCdndvr+P/EXReB+VaE4LcPaR0DD34eevBqEwkgEZvoVakRf8w0FIcTd 1oe6VdmJxy5E97C4hgJdxWlEwqsgG/ystq9MXBkn4jd58irbFyu96zVR7GzaGqny ft1CoPEc2LQs21v2shGvYhPb9tbb7bd0WvWWUa4pG4MQZciqbIJoJVtgDBNcUEYw shTsmbCBtl93AuqLB3MUd1s2RkSMz0HaxtQlrxnXF2j9w1oE1bCny0wXNifOPNKM lR2FWrG/lKZCmik4xdghc8mop20wFa78c9EbZkbDrwAFUb5nc+od+vT30wSw+DpV c+i+6hgguKuc9MrwLgg7/FU9SucGAbFOUWG4IS60jcpu5cIs+pteJxDwPNe0qwUu sAH8/tU4ii6HNAY9TY4ehlahLt5qDdjWrCRuydB/tNbxlmACTEw= =sGmL -----END PGP SIGNATURE-----