Overview

File _patchinfo of Package patchinfo.3666

<patchinfo incident="3666">
  <issue id="1012029" tracker="bnc">VUL-0: CVE-2016-9630: w3m: global-buffer-overflow read</issue>
  <issue id="1012028" tracker="bnc">VUL-0: CVE-2016-9629: w3m: null deref</issue>
  <issue id="1012027" tracker="bnc">VUL-0: CVE-2016-9628: w3m: null deref</issue>
  <issue id="1012026" tracker="bnc">VUL-0: CVE-2016-9627: w3m: heap overflow read + deref</issue>
  <issue id="1012025" tracker="bnc">VUL-0: CVE-2016-9626: w3m: stack overflow</issue>
  <issue id="1012024" tracker="bnc">VUL-0: CVE-2016-9625: w3m: stack overflow</issue>
  <issue id="1012023" tracker="bnc">VUL-0: CVE-2016-9624: w3m: near-null deref</issue>
  <issue id="1012022" tracker="bnc">VUL-0: CVE-2016-9623: w3m: null deref</issue>
  <issue id="1012021" tracker="bnc">VUL-0: CVE-2016-9622: w3m: null deref</issue>
  <issue id="1011288" tracker="bnc">VUL-0: CVE-2016-9439: w3m: stack overflow</issue>
  <issue id="1011289" tracker="bnc">VUL-0: CVE-2016-9440: w3m: near-null deref</issue>
  <issue id="1011286" tracker="bnc">VUL-0: CVE-2016-9437: w3m: write to rodata</issue>
  <issue id="1011287" tracker="bnc">VUL-0: CVE-2016-9438: w3m: null deref</issue>
  <issue id="1011284" tracker="bnc">VUL-0: CVE-2016-9435: w3m: use uninit value</issue>
  <issue id="1011285" tracker="bnc">VUL-0: CVE-2016-9436: w3m: use uninit value</issue>
  <issue id="1011283" tracker="bnc">VUL-0: CVE-2016-9434: w3m: null deref</issue>
  <issue id="1012030" tracker="bnc">VUL-0: CVE-2016-9631: w3m: null deref</issue>
  <issue id="1012031" tracker="bnc">VUL-0: CVE-2016-9632: w3m: global-buffer-overflow read</issue>
  <issue id="1012032" tracker="bnc">VUL-0: CVE-2016-9633: w3m: OOM</issue>
  <issue id="1011291" tracker="bnc">VUL-0: CVE-2016-9442: w3m: potential heap buffer corruption</issue>
  <issue id="1011290" tracker="bnc">VUL-0: CVE-2016-9441: w3m: near-null deref</issue>
  <issue id="1011293" tracker="bnc">VUL-0: TRACKERBUG: w3m: multiple vulnerabilities</issue>
  <issue id="1011292" tracker="bnc">VUL-0: CVE-2016-9443: w3m: null deref</issue>
  <issue id="2016-9442" tracker="cve" />
  <issue id="2016-9443" tracker="cve" />
  <issue id="2016-9440" tracker="cve" />
  <issue id="2016-9441" tracker="cve" />
  <issue id="2016-9626" tracker="cve" />
  <issue id="2016-9627" tracker="cve" />
  <issue id="2016-9624" tracker="cve" />
  <issue id="2016-9625" tracker="cve" />
  <issue id="2016-9622" tracker="cve" />
  <issue id="2016-9623" tracker="cve" />
  <issue id="2016-9621" tracker="cve" />
  <issue id="2016-9628" tracker="cve" />
  <issue id="2016-9629" tracker="cve" />
  <issue id="2016-9437" tracker="cve" />
  <issue id="2016-9436" tracker="cve" />
  <issue id="2016-9435" tracker="cve" />
  <issue id="2016-9434" tracker="cve" />
  <issue id="2016-9439" tracker="cve" />
  <issue id="2016-9438" tracker="cve" />
  <issue id="2016-9631" tracker="cve" />
  <issue id="2016-9630" tracker="cve" />
  <issue id="2016-9633" tracker="cve" />
  <issue id="2016-9632" tracker="cve" />
  <category>security</category>
  <rating>moderate</rating>
  <packager>tsaupe</packager>
  <description>
This update for w3m fixes the following issues:

- update to debian git version (bsc#1011293)
  addressed security issues:
         CVE-2016-9622: w3m: null deref (bsc#1012021)
         CVE-2016-9623: w3m: null deref (bsc#1012022)
         CVE-2016-9624: w3m: near-null deref (bsc#1012023)
         CVE-2016-9625: w3m: stack overflow (bsc#1012024)
         CVE-2016-9626: w3m: stack overflow (bsc#1012025)
         CVE-2016-9627: w3m: heap overflow read + deref (bsc#1012026)
         CVE-2016-9628: w3m: null deref (bsc#1012027)
         CVE-2016-9629: w3m: null deref (bsc#1012028)
         CVE-2016-9630: w3m: global-buffer-overflow read (bsc#1012029)
         CVE-2016-9631: w3m: null deref (bsc#1012030)
         CVE-2016-9632: w3m: global-buffer-overflow read (bsc#1012031)
         CVE-2016-9633: w3m: OOM (bsc#1012032)
         CVE-2016-9434: w3m: null deref (bsc#1011283)
         CVE-2016-9435: w3m: use uninit value (bsc#1011284)
         CVE-2016-9436: w3m: use uninit value (bsc#1011285)
         CVE-2016-9437: w3m: write to rodata (bsc#1011286)
         CVE-2016-9438: w3m: null deref (bsc#1011287)
         CVE-2016-9439: w3m: stack overflow (bsc#1011288)
         CVE-2016-9440: w3m: near-null deref (bsc#1011289)
         CVE-2016-9441: w3m: near-null deref (bsc#1011290)
         CVE-2016-9442: w3m: potential heap buffer corruption (bsc#1011291)
         CVE-2016-9443: w3m: null deref (bsc#1011292)
</description>
  <summary>Security update for w3m</summary>
</patchinfo>
openSUSE Build Service is sponsored by
Places