Debian Patches
Status for w3m/0.5.3+git20230121-2.1
Patch | Description | Author | Forwarded | Bugs | Origin | Last update |
---|---|---|---|---|---|---|
0001-Update-German-message-catalogue.patch | Update German message catalogue | Markus Hiereth <translation@hiereth.de> | no | https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1029933#5 | | 2023-01-29 |
0002-CVE-2023-4255.patch | [PATCH] Fix OOB access due to multiple backspaces Commit 419ca82d57 (Fix m17n backspace handling causes out-of-bounds write in checkType) introduced an incomplete fix. In function checkType we store the length of the previous multi-char character in a buffer plens_buffer with pointer plens pointing to the current position inside the buffer. When encountering a backspace plens is set to the previous position without a bounds check. This will lead to plens being out of bounds if we get more backspaces than we have processed multi-char characters before. If we are at the beginning of the buffer do not decrement and set plen (the current length) to 0. This also fixes GH Issue #270 [BUG] Out of bound read in Strnew_size , Str.c:61 If the above explanation does sound weird it's because I didn't fully grok that function. :-) | Rene Kita <mail@rkta.de> | no | | | 2023-07-13 |
All known versions for source package 'w3m'
- 0.5.3+git20230121-2.1 (trixie, sid)
- 0.5.3+git20230121-2 (bookworm)
- 0.5.3+git20210102-6+deb11u1 (bullseye)