Overview

File _patchinfo of Package patchinfo.31354

<patchinfo incident="31354">
  <issue tracker="cve" id="2023-38253"/>
  <issue tracker="cve" id="2023-38252"/>
  <issue tracker="bnc" id="1213324">VUL-0: CVE-2023-38252: w3m: out-of-bounds read in Strnew_size() at w3m/Str.c</issue>
  <issue tracker="bnc" id="1213323">VUL-0: CVE-2023-38253: w3m: out-of-bounds read in growbuf_to_Str() at w3m/indep.c</issue>
  <packager>tsaupe</packager>
  <rating>moderate</rating>
  <category>security</category>
  <summary>Security update for w3m</summary>
  <description>This update for w3m fixes the following issues:

- Update to version 0.5.3+git20230121
- CVE-2023-38252: Fixed an out-of-bounds write in function Strnew_size that allows attackers to cause a denial of service via a crafted HTML file. (bsc#1213324)
- CVE-2023-38253: Fixed an out-of-bounds write in function growbuf_to_Str that allows attackers to cause a denial of service via a crafted HTML file. (bsc#1213323)
</description>
</patchinfo>
openSUSE Build Service is sponsored by
Places