——————————————————————————–
Fedora Update Notification
FEDORA-2017-2e6b693937
2017-03-14 01:42:38.089672
——————————————————————————–
Name : w3m
Product : Fedora 25
Version : 0.5.3
Release : 30.git20170102.fc25
URL : http://w3m.sourceforge.net/
Summary : A pager with Web browsing abilities
Description :
The w3m program is a pager (or text file viewer) that can also be used
as a text-mode Web browser. W3m features include the following: when
reading an HTML document, you can follow links and view images using
an external image viewer; its internet message mode determines the
type of document from the header; if the Content-Type field of the
document is text/html, the document is displayed as an HTML document;
you can change a URL description like ‘http://hogege.net’ in plain
text into a link to that URL.
If you want to display the inline images on w3m, you need to install
w3m-img package as well.
——————————————————————————–
Update Information:
Security fix for CVE-2016-9422, CVE-2016-9423, CVE-2016-9424, CVE-2016-9425,
CVE-2016-9428, CVE-2016-9426, CVE-2016-9429, CVE-2016-9430, CVE-2016-9431,
CVE-2016-9432, CVE-2016-9433, CVE-2016-9434, CVE-2016-9435, CVE-2016-9436,
CVE-2016-9437, CVE-2016-9438, CVE-2016-9439, CVE-2016-9440, CVE-2016-9441,
CVE-2016-9442, CVE-2016-9443, CVE-2016-9622, CVE-2016-9623, CVE-2016-9624,
CVE-2016-9625, CVE-2016-9626, CVE-2016-9627, CVE-2016-9628, CVE-2016-9629,
CVE-2016-9631, CVE-2016-9630, CVE-2016-9632, CVE-2016-9633 And new upstream
20170102 as well
——————————————————————————–
References:
[ 1 ] Bug #1399740 – CVE-2016-9633 w3m: Memory exhaustion due to repeatedly appending ‘<table>’
https://bugzilla.redhat.com/show_bug.cgi?id=1399740
[ 2 ] Bug #1399739 – CVE-2016-9632 w3m: Buffer-overflow in wc_any_to_ucs()
https://bugzilla.redhat.com/show_bug.cgi?id=1399739
[ 3 ] Bug #1399737 – CVE-2016-9630 w3m: Buffer-overflow in parseURL()
https://bugzilla.redhat.com/show_bug.cgi?id=1399737
[ 4 ] Bug #1399734 – CVE-2016-9631 w3m: Null pointer dereference in HTMLlineproc0()
https://bugzilla.redhat.com/show_bug.cgi?id=1399734
[ 5 ] Bug #1399732 – CVE-2016-9629 w3m: Null pointer dereference in shiftAnchorPosition()
https://bugzilla.redhat.com/show_bug.cgi?id=1399732
[ 6 ] Bug #1399730 – CVE-2016-9628 w3m: Null pointer dereference due to bad form id in HTMLlineproc2body()
https://bugzilla.redhat.com/show_bug.cgi?id=1399730
[ 7 ] Bug #1399728 – CVE-2016-9627 w3m: Array index out of bounds in display.c
https://bugzilla.redhat.com/show_bug.cgi?id=1399728
[ 8 ] Bug #1399723 – CVE-2016-9626 w3m: Infinite recursion in HTMLlineproc0
https://bugzilla.redhat.com/show_bug.cgi?id=1399723
[ 9 ] Bug #1399720 – CVE-2016-9625 w3m: HTMLlineproc0 infinite recursion
https://bugzilla.redhat.com/show_bug.cgi?id=1399720
[ 10 ] Bug #1399718 – CVE-2016-9624 w3m: Null pointer dereference in formUpdateBuffer
https://bugzilla.redhat.com/show_bug.cgi?id=1399718
[ 11 ] Bug #1399715 – CVE-2016-9623 w3m: Integer overflow resulting in segmentation fault
https://bugzilla.redhat.com/show_bug.cgi?id=1399715
[ 12 ] Bug #1399713 – CVE-2016-9622 w3m: Null pointer dereference in HTMLlineproc2body
https://bugzilla.redhat.com/show_bug.cgi?id=1399713
[ 13 ] Bug #1399710 – CVE-2016-9443 w3m: Null pointer dereference in formUpdateBuffer
https://bugzilla.redhat.com/show_bug.cgi?id=1399710
[ 14 ] Bug #1399707 – CVE-2016-9442 w3m: Potential heap-buffer corruption due to Strgrow
https://bugzilla.redhat.com/show_bug.cgi?id=1399707
[ 15 ] Bug #1399705 – CVE-2016-9441 w3m: Null pointer dereference in do_refill
https://bugzilla.redhat.com/show_bug.cgi?id=1399705
[ 16 ] Bug #1399702 – CVE-2016-9440 w3m: Null pointer dereference in formUpdateBuffer
https://bugzilla.redhat.com/show_bug.cgi?id=1399702
[ 17 ] Bug #1399701 – CVE-2016-9439 w3m: Infinite recursion with nested table and textarea
https://bugzilla.redhat.com/show_bug.cgi?id=1399701
[ 18 ] Bug #1399699 – CVE-2016-9438 w3m: Null pointer dereference with input_alt tag
https://bugzilla.redhat.com/show_bug.cgi?id=1399699
[ 19 ] Bug #1399697 – CVE-2016-9437 w3m: Write access violation with ‘<button type=radio>’
https://bugzilla.redhat.com/show_bug.cgi?id=1399697
[ 20 ] Bug #1399695 – CVE-2016-9436 w3m: Unitialised value in parsetagx.c
https://bugzilla.redhat.com/show_bug.cgi?id=1399695
[ 21 ] Bug #1399694 – CVE-2016-9435 w3m: Unitialised value in file.c
https://bugzilla.redhat.com/show_bug.cgi?id=1399694
[ 22 ] Bug #1399691 – CVE-2016-9434 w3m: Null pointer dereference due to incorrect form_int fid
https://bugzilla.redhat.com/show_bug.cgi?id=1399691
[ 23 ] Bug #1399690 – CVE-2016-9433 w3m: Segmentation fault when parsing iso2022 characters
https://bugzilla.redhat.com/show_bug.cgi?id=1399690
[ 24 ] Bug #1399689 – CVE-2016-9432 w3m: Segmentation fault due to bcopy with negative size
https://bugzilla.redhat.com/show_bug.cgi?id=1399689
[ 25 ] Bug #1399687 – CVE-2016-9431 w3m: Stack buffer overflow in deleteFrameSet()
https://bugzilla.redhat.com/show_bug.cgi?id=1399687
[ 26 ] Bug #1399685 – CVE-2016-9430 w3m: Segmentation fault with malformed input tag
https://bugzilla.redhat.com/show_bug.cgi?id=1399685
[ 27 ] Bug #1399682 – CVE-2016-9429 w3m: Global-buffer-overflow write in formUpdateBuffer
https://bugzilla.redhat.com/show_bug.cgi?id=1399682
[ 28 ] Bug #1399668 – CVE-2016-9426 w3m: Heap corruption due to integer overflow in renderTable()
https://bugzilla.redhat.com/show_bug.cgi?id=1399668
[ 29 ] Bug #1399667 – CVE-2016-9428 w3m: Out-of-bounds write in addMultirowsForm()
https://bugzilla.redhat.com/show_bug.cgi?id=1399667
[ 30 ] Bug #1399666 – CVE-2016-9425 w3m: Segmentation fault due to write to lineBuf[-1] in addMultirowsForm
https://bugzilla.redhat.com/show_bug.cgi?id=1399666
[ 31 ] Bug #1399665 – CVE-2016-9424 w3m: Out-of-bounds heap write due to negative array index
https://bugzilla.redhat.com/show_bug.cgi?id=1399665
[ 32 ] Bug #1399664 – CVE-2016-9423 w3m: Malformed html tag heap-buffer overflow
https://bugzilla.redhat.com/show_bug.cgi?id=1399664
[ 33 ] Bug #1399662 – CVE-2016-9422 w3m: Stack smashed with large image inside table
https://bugzilla.redhat.com/show_bug.cgi?id=1399662
——————————————————————————–
This update can be installed with the “dnf” update program. Use
su -c ‘dnf upgrade w3m’ at the command line.
For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
——————————————————————————–
_______________________________________________
package-announce mailing list — package-announce@lists.fedoraproject.org
To unsubscribe send an email to package-announce-leave@lists.fedoraproject.org