Alerts This Week
Warning Icon 1 923
Alerts This Week
Warning Icon 1 923

Fedora 24: 2017-783e8fa63e Moderate: w3m Buffer Overflow Issue

fedora
Calendar Grey March 21, 2017
Dist Fedora Esm H88
Focus on resolving various security vulnerabilities present in the w3m package for Fedora. Prioritize patching severe bugs to enhance user safety while browsing.
Security fix for CVE-2016-9422, CVE-2016-9423, CVE-2016-9424, CVE-2016-9425, CVE-2016-9428, CVE-2016-9426, CVE-2016-9429, CVE-2016-9430, CVE-2016-9431, CVE-2016-9432, CVE-2016-9433...

Summary

The w3m program is a pager (or text file viewer) that can also be used

as a text-mode Web browser. W3m features include the following: when

reading an HTML document, you can follow links and view images using

an external image viewer; its internet message mode determines the

type of document from the header; if the Content-Type field of the

document is text/html, the document is displayed as an HTML document;

you can change a URL description like ' in plain

text into a link to that URL.

If you want to display the inline images on w3m, you need to install

w3m-img package as well.

Update Information:

Security fix for CVE-2016-9422, CVE-2016-9423, CVE-2016-9424, CVE-2016-9425, CVE-2016-9428, CVE-2016-9426, CVE-2016-9429, CVE-2016-9430, CVE-2016-9431, CVE-2016-9432, CVE-2016-9433, CVE-2016-9434, CVE-2016-9435, CVE-2016-9436, CVE-2016-9437, CVE-2016-9438, CVE-2016-9439, CVE-2016-9440, CVE-2016-9441, CVE-2016-9442, CVE-2016-9443, CVE-2016-9622, CVE-2016-9623, CVE-2016-9624, CVE-2016-9625, CVE-2016-9626, CVE-2016-9627, CVE-2016-9628, CVE-2016-9629, CVE-2016-9631, CVE-2016-9630, CVE-2016-9632, CVE-2016-9633 ---- Update to latest upstream gitrev 20170102

Topics%20covered

Topics Covered

security advisory buffer overflow heap corruption Fedora web browser segmentation fault w3m

Change Log

References


[ 1 ] Bug #1399662 - CVE-2016-9422 w3m: Stack smashed with large image inside table https://bugzilla.redhat.com/show_bug.cgi?id=1399662 [ 2 ] Bug #1399664 - CVE-2016-9423 w3m: Malformed html tag heap-buffer overflow https://bugzilla.redhat.com/show_bug.cgi?id=1399664 [ 3 ] Bug #1399665 - CVE-2016-9424 w3m: Out-of-bounds heap write due to negative array index https://bugzilla.redhat.com/show_bug.cgi?id=1399665 [ 4 ] Bug #1399666 - CVE-2016-9425 w3m: Segmentation fault due to write to lineBuf[-1] in addMultirowsForm https://bugzilla.redhat.com/show_bug.cgi?id=1399666 [ 5 ] Bug #1399667 - CVE-2016-9428 w3m: Out-of-bounds write in addMultirowsForm() https://bugzilla.redhat.com/show_bug.cgi?id=1399667 [ 6 ] Bug #1399668 - CVE-2016-9426 w3m: Heap corruption due to integer overflow in renderTable() https://bugzilla.redhat.com/show_bug.cgi?id=1399668 [ 7 ] Bug #1399682 - CVE-2016-9429 w3m: Global-buffer-overflow write in formUpda...

Read the Full Advisory

Update Instructions

This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade w3m' at the command line. For more information, refer to the dnf documentation available at https://dnf.readthedocs.io/en/latest/command_ref.html

Severity
important
Lowest
Low
Medium
High
Critical

Name: w3m
Product: Fedora 24
Version: 0.5.3
Release: 30.git20170102.fc24
URL:
Summary: A pager with Web browsing abilities

Topics%20covered

Topics Covered

security advisory buffer overflow heap corruption Fedora web browser segmentation fault w3m

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here