SUSE-SU-2019:0776-1 -- SLES w3mID: oval:org.secpod.oval:def:89003440 | Date: (C)2021-02-27 (M)2024-01-02 |
Class: PATCH | Family: unix |
This update for w3m fixes several issues. These security issues were fixed: - CVE-2018-6196: Prevent infinite recursion in HTMLlineproc0 caused by the feed_table_block_tag function which did not prevent a negative indent value - CVE-2018-6197: Prevent NULL pointer dereference in formUpdateBuffer - CVE-2018-6198: w3m did not properly handle temporary files when the ~/.w3m directory is unwritable, which allowed a local attacker to craft a symlink attack to overwrite arbitrary files
Platform: |
SUSE Linux Enterprise Server 12 SP3 |
SUSE Linux Enterprise Server 12 SP4 |