Advisories ยป MGASA-2017-0451

Updated lynx package fixes security vulnerability

Publication date: 16 Dec 2017
Modification date: 16 Dec 2017
Type: security
Affected Mageia releases : 5 , 6
CVE: CVE-2017-1000211

Description

Lynx before 2.8.9dev.16 is vulnerable to a use after free in the HTML
parser resulting in memory disclosure, because HTML_put_string() can
append a chunk onto itself. (CVE-2017-1000211)
                

References

SRPMS

5/core

6/core