[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[debian-devel:17856] Re: w3m's bugs

From: Hideki Yamane <henrich@debian.or.jp>
Subject: [debian-devel:17856] Re: w3m's bugs
Date: Sat, 3 Jul 2010 17:10:30 +0900
List-help: <mailto:debian-devel-ctl@debian.or.jp?body=help>
List-id: debian-devel.debian.or.jp
List-owner: <mailto:debian-devel-admin@debian.or.jp>
List-post: <mailto:debian-devel@debian.or.jp>
List-software: fml [fml 4.0.3 release (20011202/4.0.3)]
List-unsubscribe: <mailto:debian-devel-ctl@debian.or.jp?body=unsubscribe>
Organization: Debian JP Project
X-ml-info: If you have a question, send e-mail with the body "help" (without quotes) to the address debian-devel-ctl@debian.or.jp; help=<mailto:debian-devel-ctl@debian.or.jp?body=help>
X-ml-name: debian-devel
X-mlserver: fml [fml 4.0.3 release (20011202/4.0.3)]; post only (only members can post)
X-spam-checker-version: SpamAssassin 3.1.7-deb3 (2006-10-05) on osdn.debian.or.jp
X-spam-level:
X-spam-status: No, score=-2.4 required=10.0 tests=KI autolearn=disabled version=3.1.7-deb3
References: <20100702160210.GA32229@xxxxxxxxxxxxxxxxxxxx>
Message-id: <20100703171026.c64d1efa.henrich@debian.or.jp>
X-mail-count: 17856
X-mailer: Sylpheed 3.0.2 (GTK+ 2.20.1; i486-pc-linux-gnu)

On Sat, 3 Jul 2010 01:02:30 +0900
debian@xxxxxx wrote:
> やまねさんのつぶやきから、w3m のバグをざっと確認しました。
> 各バグを処理する前にメモ程度ですがまとめをこちらに流させていただきます。
> w3m-dev-ml は1年半メールが流れていませんが、そちらにも状況伺いを出す予定です。

　ありがとうございます！素晴らしい :)
　対応できそうなのがあれば、反応などいただければ＞木下さん


> -------------------------------------------------------------------------------
> grave
> 
> CVE-2010-2074
> http://bugs.debian.org/587445
> 
> 	CVE-2009-2408 の w3m 版。
> 	CN フィールドにある \0 を適切に処理していない問題。

　パッチ自体はreportにあるように openwall の方が出しているようですね。


-- 
Regards,

 Hideki Yamane     henrich @ debian.or.jp/org
 http://wiki.debian.org/HidekiYamane

Follow-Ups:
- [debian-devel:17857] Re: w3m's bugs
  - From: Tatsuya Kinoshita

References:
- [debian-devel:17855] w3m's bugs
  - From: debian

Prev by Date: [debian-devel:17855] w3m's bugs
Next by Date: [debian-devel:17857] Re: w3m's bugs
Previous by thread: [debian-devel:17855] w3m's bugs
Next by thread: [debian-devel:17857] Re: w3m's bugs
Index(es):
- Date
- Thread