| Revision Date: | 2019-03-27 | Version: | 1 |
| Title: | Security update for w3m (Moderate) |
| Description: |
This update for w3m fixes several issues.
These security issues were fixed:
- CVE-2018-6196: Prevent infinite recursion in HTMLlineproc0 caused by the feed_table_block_tag function which did not prevent a negative indent value (bsc#1077559) - CVE-2018-6197: Prevent NULL pointer dereference in formUpdateBuffer (bsc#1077568) - CVE-2018-6198: w3m did not properly handle temporary files when the ~/.w3m directory is unwritable, which allowed a local attacker to craft a symlink attack to overwrite arbitrary files (bsc#1077572)
|
| Family: | unix | Class: | patch |
| Status: | | Reference(s): | 1077559
1077568
1077572
CVE-2018-6196
CVE-2018-6197
CVE-2018-6198
SUSE-SU-2019:0776-1
|
| Platform(s): | SUSE Linux Enterprise Server 12 SP4
| Product(s): | |
| Definition Synopsis |
| SUSE Linux Enterprise Server 12 SP4 is installed AND w3m-0.5.3.git20161120-161.3.4 is installed
|