Re: Preparation of Debian GNU/Linux 2.2r4
Hi,
At Sat, 13 Oct 2001 12:32:24 +0200,
Martin Schulze wrote:
> Accepted packages
> -----------------
> w3m stable 0.1.10+0.1.11pre+kokb23-1 alpha, arm, i386, sparc
> w3m stable 0.1.6-4 powerpc
> w3m updates 0.1.10+0.1.11pre+kokb23-4 alpha, arm, i386, powerpc, sparc
>
> install w3m_0.1.10+0.1.11pre+kokb23-4_i386.changes
> install w3m_0.1.10+0.1.11pre+kokb23-4_security.changes
>
> * [SECURITY FIX] backport fix of mime header buffer overflow
> SNS Advisory No.32
> w3m malformed MIME header Buffer Overflow Vulnerability
> http://www.lac.co.jp/security/snsadv/32.html (Japanese)
> * dont install w3m.el in emacs dir because it wont work well.
> closes: Bug#96385
>
> It's an unknown security fix, but w3m fixed tend to be
> japanese only, so we can't handle them properly anyway...
> Even all architectures are in sync, wow.
This security advisory is already translated in English
http://www.lac.co.jp/security/english/snsadv_e/32_e.html
> Further investigation
> ---------------------
> w3m-ssl updates 0.1.10+0.1.11pre+kokb23-4 i386
>
> delay-install w3m-ssl_0.1.10+0.1.11pre+kokb23-4_i386.changes
>
> Unknown security fix
Same security fix as above
http://www.lac.co.jp/security/english/snsadv_e/32_e.html
w3m-ssl is simply ssl enabled version of w3m
> 5/6 architectures missing
How can I help to sync all architecture?
Regards,
Fumitoshi UKAI
Reply to: