Updated lynx package fixes security vulnerability
Publication date: 16 Dec 2017Modification date: 16 Dec 2017
Type: security
Affected Mageia releases : 5 , 6
CVE: CVE-2017-1000211
Description
Lynx before 2.8.9dev.16 is vulnerable to a use after free in the HTML parser resulting in memory disclosure, because HTML_put_string() can append a chunk onto itself. (CVE-2017-1000211)
References
SRPMS
5/core
- lynx-2.8.8-1.rel2.3.2.mga5
6/core
- lynx-2.8.8-1.rel2.6.1.mga6