Update for 00Meta, 389-ds, 389-ds.2045, Graphics... security moderate

Security update for w3m

This update for w3m fixes the following issues:

Security issues fixed:

- CVE-2018-6196: Prevent infinite recursion in HTMLlineproc0 caused by the feed_table_block_tag function which did not prevent a negative indent value (bsc#1077559)
- CVE-2018-6197: Prevent NULL pointer dereference in formUpdateBuffer (bsc#1077568)
- CVE-2018-6198: w3m did not properly handle temporary files when the ~/.w3m directory is unwritable, which allowed a local attacker to craft a symlink attack to overwrite arbitrary files (bsc#1077572)

This update was imported from the SUSE:SLE-12:Update update project.

Fixed bugs
bnc#1077568
VUL-1: CVE-2018-6197: w3m: NULL pointer dereference flaw in formUpdateBuffer in form.c
bnc#1077572
VUL-1: CVE-2018-6198: w3m: does not properly handle temporary files when the ~/.w3m directory is unwritable, which allows a local attacker to craft a symlink attack to overwrite arbitrary files
bnc#1077559
VUL-1: CVE-2018-6196: w3m: an infinite recursion flaw in HTMLlineproc0 because the feed_table_block_tag function in table.c does not prevent a negative indent value allows for DoS
Selected Binaries
openSUSE Build Service is sponsored by