[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: [pkg-lynx-maint] [Lynx-dev] CVE-2016-9179 (invalid URL parsing with '?')

On Mon, Nov 21, 2016 at 05:40:37PM +1100, Brian May wrote:
> Thomas Dickey <dickey@his.com> writes:
> >> So IMHO the warning is obsolete in this specific case, i.e. with "?@"
> >> without "/" before it.
> >
> > I see (for dev.12, then - dev.11 was last night)
> When do you expect to release dev.12 with this change?

I'm not certain (I have ongoing changes to xterm and vile which I'd
like to finish also...).

I spent some time today investigating this area in lynx, and
saw some further improvements to make, but am not done yet.

Thomas E. Dickey <dickey@invisible-island.net>

Attachment: signature.asc
Description: Digital signature

Reply to: