-
w3m (0.5.1-4ubuntu2.6.06.1) dapper-security; urgency=low
* SECURITY UPDATE: perform certificate host validation
- debian/patches/60-w3m-0.5.2-CVE-2010-2074-nulcn.diff: handle a '\0'
character in a domain name in the CN and SAN, applied inline
- 70-w3m-0.5.2-disable_sslv2.diff: disable SSLv2 by default,
applied inline
- CVE-2010-2074
- References
http://www.openwall.com/lists/oss-security/2010/06/14/4
-- Steve Beattie <email address hidden> Mon, 02 Aug 2010 12:23:20 -0700
-
w3m (0.5.1-4ubuntu2.6.06) dapper-security; urgency=low
* SECURITY UPDATE: arbitrary code execution via prompt format string.
* Add 'debian/patches/90_format_string_fix.patch' from upstream CVS,
applied inline.
* References
http://sourceforge.net/tracker/index.php?func=detail&aid=1612792&group_id=39518&atid=425439
-- Kees Cook <email address hidden> Tue, 2 Jan 2007 14:57:26 -0800
-
w3m (0.5.1-4ubuntu2) dapper; urgency=low
* Add libimlib2-dev build dependency to repair w3m-img image support.
Closes: LP#32996
-- Martin Pitt <email address hidden> Wed, 5 Apr 2006 09:58:24 +0200
-
w3m (0.5.1-4ubuntu1) dapper; urgency=low
* Drop libgdk-pixbuf build dependency to get rid of Gnome 1 in main. (Don't
worry, w3m-image can still display images :) ).
-- Martin Pitt <email address hidden> Fri, 3 Feb 2006 11:20:18 +0000
-
w3m (0.5.1-4) unstable; urgency=low
* GCC 4.0 C++ ABI change.
rebuild with libgc-dev 1:6.5-1 for libgc1c2
closes: Bug#318160
-- Fumitoshi UKAI <email address hidden> Thu, 14 Jul 2005 15:10:30 +0000
