Accepted w3m 0.5.3-37+deb10u1 (source) into oldoldstable
- To: dispatch@tracker.debian.org, debian-lts-changes@lists.debian.org
- Subject: Accepted w3m 0.5.3-37+deb10u1 (source) into oldoldstable
- From: Debian FTP Masters <ftpmaster@ftp-master.debian.org>
- Date: Thu, 24 Aug 2023 11:00:18 +0000
- Debian: DAK
- Debian-architecture: source
- Debian-archive-action: accept
- Debian-changes: w3m_0.5.3-37+deb10u1_source.changes
- Debian-source: w3m
- Debian-suite: oldoldstable
- Debian-version: 0.5.3-37+deb10u1
- Dkim-signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=ftp-master.debian.org; s=smtpauto.seger; h=Date:Message-Id: Content-Transfer-Encoding:Content-Type:Subject:MIME-Version:To:Reply-To:From: Cc:Content-ID:Content-Description:In-Reply-To:References; bh=pt7fPcsU4GbN22CpM6loPmABZLQ7yTcVIEl5CI2Jnzw=; b=eonHwetQF7dRgHUw18KT0y7O97 SxubfloMSJajzacd/tJOPe0QHe0fbMp8SK4SWKSmzwK1qmBuzYggNzhuwCwTdsonngonBCoXJG7T9 QUxi7/clgV2QP1M4qoYdlzKbuTjWTbQRVteBvn/Kuhdy/nbsFyFIo7HUT4hq96nV/cOb51LenVmpu bcesf/AFK5LQN0ThmUvwzpFq/a2qO+I7amb2WtN0w75aNp8Or+a9Ir5LNzOGwUVR+JWi+oo/cp4mt Jdesb5pWJYDmE2od80Rr8hr290X+3G23ky5TV2SaSePZvbSqs15tVBibR+1UWbTKCcMhYtGTvAign 780wNdyA==;
- Mail-followup-to: debian-lts@lists.debian.org
- Message-id: <E1qZ84Y-00Ew8g-SK@seger.debian.org>
- Reply-to: debian-lts@lists.debian.org
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
Format: 1.8
Date: Tue, 22 Aug 2023 15:23:39 +0200
Source: w3m
Architecture: source
Version: 0.5.3-37+deb10u1
Distribution: buster-security
Urgency: high
Maintainer: Tatsuya Kinoshita <tats@debian.org>
Changed-By: Sylvain Beucler <beuc@debian.org>
Closes: 1019599
Changes:
w3m (0.5.3-37+deb10u1) buster-security; urgency=high
.
* Non-maintainer upload by the LTS Security Team.
* CVE-2022-38223: There is an out-of-bounds write in checkType located
in etc.c in w3m 0.5.3. It can be triggered by sending a crafted HTML
file to the w3m binary. It allows an attacker to cause Denial of
Service or possibly have unspecified other impact. (closes: #1019599)
Checksums-Sha1:
e0d11f5e760163e30ad767594061f45e9fc84a39 2027 w3m_0.5.3-37+deb10u1.dsc
444b6c8cf7094ee95f8e9de96b37f814b9d83237 2202328 w3m_0.5.3.orig.tar.gz
416c349d93ec7dc840ac85f40c17fcca59dbda3c 199640 w3m_0.5.3-37+deb10u1.debian.tar.xz
6a76f3c34df48c55a5848a04f09d4b966738b14a 7792 w3m_0.5.3-37+deb10u1_amd64.buildinfo
Checksums-Sha256:
c33296d17db6956f64ca37585fda57c6a7cbbf338821758422c74b7efa220234 2027 w3m_0.5.3-37+deb10u1.dsc
e994d263f2fd2c22febfbe45103526e00145a7674a0fda79c822b97c2770a9e3 2202328 w3m_0.5.3.orig.tar.gz
aaeae2c0a51c48b5d589151df86cf89a51c07b5f766ce5707e7ffa671329bb65 199640 w3m_0.5.3-37+deb10u1.debian.tar.xz
b9ddc72625709b1396aae2828ff67518f39361fe71fa77a68340ae4f29fdc283 7792 w3m_0.5.3-37+deb10u1_amd64.buildinfo
Files:
290e52841843dd3e8b7effa8cf5134f9 2027 web optional w3m_0.5.3-37+deb10u1.dsc
1b845a983a50b8dec0169ac48479eacc 2202328 web optional w3m_0.5.3.orig.tar.gz
64031f1a860dfa171bc00f9fa8f6686c 199640 web optional w3m_0.5.3-37+deb10u1.debian.tar.xz
17e88d8db5ad1f682f3f0479f2c1f26f 7792 web optional w3m_0.5.3-37+deb10u1_amd64.buildinfo
-----BEGIN PGP SIGNATURE-----
iQIzBAEBCgAdFiEE1vEOfV7HXWKqBieIDTl9HeUlXjAFAmTnNMoACgkQDTl9HeUl
XjA1bg/+L3n/9ZZ+bSHd2+QS2ST/ZcEah6SNyebOru45C8zjeenp7Po0IIsYEsDK
tkhXLKGKOL3BoExhZbxe/SQTYg3/9NBz+DSQ6qTvfDPDyaWAKpb87MDdKu7fFmqC
UZjPrXCavcZlQYXXfV0RPmAz9pki1Fddgk2KeUP4mNtdFbyqRc4eZ8ovQHO+VycP
ybok0GWEkQQsXwkUXjyIturgOoqIy14He/iDHzbA7aftRxy/B38C9yilYuSWSgJz
hqmUcWmVCLvfJU/XhmZfHIROb4z7DQ/+ILKyExpgS/op/zWnQTY3uhZ1DOJp/tuA
OYiocajHpEU7+8J7YRaovk2E+AClhw8W8T5iJ3nkNDF6fW7ZhM2foRVY6qxMt1RI
7wPRxhpPV4E/mLH6JqGwtRkdI0NzFy7Vk/6Fou38NRJyMNUKvaurnje4DSWuDFDX
Im+nZh/wOK0nLxPVJALx/ByGEH8Plb8grx8MagvNZtjtyGnz0EucPhekiC2SCmWH
qdQtP7xRthd3Oi86bVo0SXGmdRpMIg4IPrufBxevdVc7uGRFcEkP23CUq9zVpUAg
HfI8SyOvzsg0JabKTNMpyYDg4d80jmVRMjz2xxL5M2BIbF1pK1/Ikz08pgqkh4LY
rp43Ucwvzve1j+GHddcL2tLOXfmWaw7msZ8tmf6wrAYsBYwjEbI=
=hbhT
-----END PGP SIGNATURE-----