Updated lynx package fixes security vulnerability
Publication date: 16 Dec 2017Modification date: 16 Dec 2017
Type: security
Affected Mageia releases : 5 , 6
CVE: CVE-2017-1000211
Description
Lynx before 2.8.9dev.16 is vulnerable to a use after free in the HTML
parser resulting in memory disclosure, because HTML_put_string() can
append a chunk onto itself. (CVE-2017-1000211)
References
SRPMS
6/core
- lynx-2.8.8-1.rel2.6.1.mga6
5/core
- lynx-2.8.8-1.rel2.3.2.mga5