Fedora 37: FEDORA-2022-7d2f942be2 Critical: w3m Out-of-Bounds Write

The w3m program is a pager (or text file viewer) that can also be used

as a text-mode Web browser. W3m features include the following: when

reading an HTML document, you can follow links and view images using

an external image viewer; its internet message mode determines the

type of document from the header; if the Content-Type field of the

document is text/html, the document is displayed as an HTML document;

you can change a URL description like ' in plain

text into a link to that URL.

If you want to display the inline images on w3m, you need to install

w3m-img package as well.

- Added upstream patch to address CVE-2022-38223 (#2126270)

* Fri Dec 23 2022 Robert Scheck - 0.5.3-58.git20220429

- Added upstream patch to address CVE-2022-38223 (#2126270)

[ 1 ] Bug #2126270 - CVE-2022-38223 w3m: an out-of-bounds write in checkType located in etc.c in w3m

https://bugzilla.redhat.com/show_bug.cgi?id=2126270

su -c 'dnf upgrade --advisory FEDORA-2022-7d2f942be2' at the command

line. For more information, refer to the dnf documentation available at

https://dnf.readthedocs.io/en/latest/command_ref.html

All packages are signed with the Fedora Project GPG key. More details on the

GPG keys used by the Fedora Project can be found at

https://fedoraproject.org/security/

package-announce mailing list -- package-announce@lists.fedoraproject.org

To unsubscribe send an email to package-announce-leave@lists.fedoraproject.org

Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/

List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines

List Archives: https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/

Do not reply to spam, report it: