
Re: Preparing Debian GNU/Linux 2.2r3



Hi,

At Fri, 9 Mar 2001 19:44:11 +0100,
Martin Schulze wrote:

> w3m         stable    0.1.6-4                    powerpc
> w3m         stable    0.1.9-5                    alpha, arm, i386, sparc
> w3m         updates   0.1.10+0.1.11pre+kokb22-1  arm, sparc
> w3m         updates   0.1.10+0.1.11pre+kokb23-1  alpha, i386
> 
> 	I'm not yet convinced about this upload.  What scares me
> 	exactly is 1st a new upstream version and 2nd the word
> 	'security fixes' without mentioning anything.  Needs further
> 	investigation.

I'm the maintainer of w3m. The w3m development team found security bugs
prior to the w3m kokb22 patches.  w3m parses HTML, converts it using
internal tags and renders it.  These old versions of w3m didn't check
the usage of internal tags, such as <form_int>, so it is possible to
access the user's local files by abusing internal tags in remote web pages.
In other words, it didn't check tainted data in HTML enough.
The w3m development team considered it a grave security hole, and it has
been fixed in the kokb22 patches.  Since 0.1.9 there have been many internal
changes in w3m, so I think it's safer to upload the new upstream than to
backport the patches, which may introduce other bugs.

Thanks,
Fumitoshi UKAI
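A sketch of the taint check the mail describes, added here as an illustration and not code from w3m or its maintainer: tags that only the converter itself is allowed to emit are escaped when they show up in page input, so the render stage sees them as literal text. Only <form_int> comes from the mail; the other names in INTERNAL_TAGS, the regular expressions and the toy converter are constructed placeholders for the real pipeline.

```python
import re

# <form_int> is the internal tag named in the mail.  The other two names are
# placeholders standing in for the converter's real list of internal tags.
INTERNAL_TAGS = frozenset({"form_int", "textarea_int", "select_int"})

# One tag token: '<', optional '/', the tag name, then anything up to '>'.
_TAG_RE = re.compile(r"<(/?)([A-Za-z][A-Za-z0-9_]*)([^>]*)>")


def neutralize_internal_tags(untrusted_html: str) -> str:
    """Escape the '<' of any internal-only tag found in untrusted input.

    The tag then reaches the converter/render stage as text rather than as
    a directive, which is the check the old w3m versions were missing.
    """
    def fix(m: re.Match) -> str:
        name = m.group(2).lower()          # tag names compare case-insensitively
        if name in INTERNAL_TAGS:
            return "&lt;" + m.group(0)[1:]  # keep the rest, only '<' is escaped
        return m.group(0)                   # ordinary tag: pass through unchanged
    return _TAG_RE.sub(fix, untrusted_html)


def convert_to_render_form(page_html: str, untrusted: bool = True) -> str:
    """Toy stand-in for the parse -> internal tags -> render pipeline.

    Untrusted input is taint-checked first.  The converter then emits its
    own internal tags (constructed example: <form> becomes <form_int>),
    which are legitimate because they originate inside the program, not
    in the remote page.
    """
    body = neutralize_internal_tags(page_html) if untrusted else page_html
    return re.sub(r"<form\b([^>]*)>", r"<form_int\1>", body, flags=re.I)


if __name__ == "__main__":
    # Constructed sample input: a normal form plus an injected internal tag.
    sample = '<p>ok</p><form method=get></form><Form_Int x=1></form_int>'
    print(convert_to_render_form(sample))
```

Running the block prints the ordinary <form> rewritten to <form_int> while the injected <Form_Int> pair survives only as escaped text.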


