Debian Patches

Status for w3m/0.5.3+git20230121-2.1

Patch Description Author Forwarded Bugs Origin Last update
0001-Update-German-message-catalogue.patch Update German message catalogue Markus Hiereth <translation@hiereth.de> no https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1029933#5 2023-01-29
0002-CVE-2023-4255.patch [PATCH] Fix OOB access due to multiple backspaces
Commit 419ca82d57 (Fix m17n backspace handling causes out-of-bounds
write in checkType) introduced an incomplete fix.

In function checkType we store the length of the previous multi-char
character in a buffer plens_buffer with pointer plens pointing to the
current position inside the buffer. When encountering a backspace plens
is set to the previous position without a bounds check. This will lead
to plens being out of bounds if we get more backspaces than we have
processed multi-char characters before.

If we are at the beginning of the buffer do not decrement and set plen
(the current length) to 0.

This also fixes GH Issue #270 [BUG] Out of bound read in Strnew_size ,
Str.c:61

If the above explanation does sound weird it's because I didn't fully
grok that function. :-)
Rene Kita <mail@rkta.de> no 2023-07-13
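
The bounds check described in the commit message above, as an added example in C. It is a simplified model, not w3m's checkType() and not the patch itself: MAX_CHARS, utf8_len() and track_backspaces() are hypothetical names, and UTF-8 stands in for w3m's multi-byte encodings.

```c
#include <stddef.h>

#define MAX_CHARS 64  /* assumed capacity of the length buffer in this model */

/* Byte length of a UTF-8 sequence from its lead byte (1 for anything else). */
static size_t utf8_len(unsigned char c)
{
    if (c >= 0xF0 && c <= 0xF7) return 4;
    if (c >= 0xE0 && c <= 0xEF) return 3;
    if (c >= 0xC0 && c <= 0xDF) return 2;
    return 1;
}

/* Simplified model, not w3m's checkType(): record the length of each
 * character in plens_buffer and step plens back on every backspace.
 * Returns how many backspaces arrived with no recorded character left,
 * or -1 if the input holds more characters than the buffer can record.
 * *last_plen receives the final current length, *depth the entries left. */
int track_backspaces(const unsigned char *in, size_t n,
                     int *last_plen, size_t *depth)
{
    int plens_buffer[MAX_CHARS];
    int *plens = plens_buffer;           /* next free slot */
    int plen = 0, clamped = 0;
    size_t i = 0;

    while (i < n) {
        if (in[i] == '\b') {
            if (plens == plens_buffer) { /* at the start: do not decrement */
                plen = 0;
                clamped++;
            } else {
                plen = *--plens;         /* length of the previous character */
            }
            i++;
            continue;
        }
        size_t len = utf8_len(in[i]);
        if (len > n - i)                 /* truncated sequence at end of input */
            len = n - i;
        if (plens == plens_buffer + MAX_CHARS)
            return -1;                   /* refuse to write past the buffer */
        *plens++ = plen = (int)len;
        i += len;
    }
    *last_plen = plen;
    *depth = (size_t)(plens - plens_buffer);
    return clamped;
}
```

A non-zero return value counts the backspaces that would have moved plens below plens_buffer without the check.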
