| Description: | An updated elinks package that fixes two security issues is now availablefor Red Hat Enterprise Linux 4 and 5.This update has been rated as having important security impact by the RedHat Security Response Team.ELinks is a text-based Web browser. ELinks does not display any images, butit does support frames, tables, and most other HTML tags.An off-by-one buffer overflow flaw was discovered in the way ELinks handledits internal cache of string representations for HTML special entities. Aremote attacker could use this flaw to create a specially-crafted HTML filethat would cause ELinks to crash or, possibly, execute arbitrary code whenrendered. (CVE-2008-7224) |