[SECURITY] [DLA 2195-1] w3m security update

To: debian-lts-announce@lists.debian.org
Subject: [SECURITY] [DLA 2195-1] w3m security update
From: Thorsten Alteholz <debian@alteholz.de>
Date: Thu, 30 Apr 2020 17:21:38 +0200 (CEST)
Message-id: <[🔎] alpine.DEB.2.20.2004301719420.19990@jupiter.server.alteholz.net>
Mail-followup-to: debian-lts@lists.debian.org
Reply-to: debian-lts@lists.debian.org

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Package        : w3m
Version        : 0.5.3-19+deb8u3
CVE ID         : CVE-2018-6196 CVE-2018-6197

Two issues have been found in w3m, WWW browsable pager with excellenttables/frames support.

One issue is related to a stack overflow, the other one is a fix for anull pointer dereference.



Brief introduction

CVE-2018-6196

    Description

CVE-2018-6197

    Description

For Debian 8 "Jessie", these problems have been fixed in version
0.5.3-19+deb8u3.

We recommend that you upgrade your w3m packages.

Further information about Debian LTS security advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://wiki.debian.org/LTS

-----BEGIN PGP SIGNATURE-----

iQKTBAEBCgB9FiEEYgH7/9u94Hgi6ruWlvysDTh7WEcFAl6q7QJfFIAAAAAALgAo
aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDYy
MDFGQkZGREJCREUwNzgyMkVBQkI5Njk2RkNBQzBEMzg3QjU4NDcACgkQlvysDTh7
WEcLew//SBppSakxEVoJ9oUBHvuFt84s2NuyhexgUMzbT0ew4b1o4Efz6Ov4WXwI
GcRWNUNa2fi7INAQHEo2xnvb7tEzJFUO24oEiI95Rsnn5RmmOAAzhcsVWOWiaX+g
BT1goGQgc2+fUn5WPvmsJI6gE6fcuTRLcnqzdUsbpM06g5RNqKzoBejG9BC1mz6y
xfdGSw3vBM++ki0N6ndZpe2Zx794V7i8yz9L1Bhv62JsdM2gvcDsIEv0SQDYUrfe
sR4h7vCsQCdndvr+P/EXReB+VaE4LcPaR0DD34eevBqEwkgEZvoVakRf8w0FIcTd
1oe6VdmJxy5E97C4hgJdxWlEwqsgG/ystq9MXBkn4jd58irbFyu96zVR7GzaGqny
ft1CoPEc2LQs21v2shGvYhPb9tbb7bd0WvWWUa4pG4MQZciqbIJoJVtgDBNcUEYw
shTsmbCBtl93AuqLB3MUd1s2RkSMz0HaxtQlrxnXF2j9w1oE1bCny0wXNifOPNKM
lR2FWrG/lKZCmik4xdghc8mop20wFa78c9EbZkbDrwAFUb5nc+od+vT30wSw+DpV
c+i+6hgguKuc9MrwLgg7/FU9SucGAbFOUWG4IS60jcpu5cIs+pteJxDwPNe0qwUu
sAH8/tU4ii6HNAY9TY4ehlahLt5qDdjWrCRuydB/tNbxlmACTEw=
=sGmL
-----END PGP SIGNATURE-----

Reply to:

Prev by Date: [SECURITY] [DLA 2193-1] openjdk-7 security update
Next by Date: [SECURITY] [DLA 2194-1] yodl security update
Previous by thread: [SECURITY] [DLA 2193-1] openjdk-7 security update
Next by thread: [SECURITY] [DLA 2194-1] yodl security update
Index(es):
- Date
- Thread