This is an OpenPGP/MIME signed message (RFC 4880 and 3156) --===============8893902598112860094== Content-Type: multipart/signed; micalg=pgp-sha512; protocol="application/pgp-signature"; boundary="qor5Jp27XVoiu6aFdwlbv2XRRv4di0LcK"
This is an OpenPGP/MIME signed message (RFC 4880 and 3156) --qor5Jp27XVoiu6aFdwlbv2XRRv4di0LcK Content-Type: multipart/mixed; boundary="t5F2Kd2nJbGOR6UkooPvuDgiMKVFHkV7S" From: Marc Deslauriers <marc.deslauriers@canonical.com> Reply-To: Ubuntu Security <security@ubuntu.com> To: ubuntu-security-announce@lists.ubuntu.com Message-ID: <c3f180ef-9fa2-055e-7e74-6104ce1e607a@canonical.com> Subject: [USN-3214-1] w3m vulnerabilities
--t5F2Kd2nJbGOR6UkooPvuDgiMKVFHkV7S Content-Type: text/plain; charset=utf- Content-Transfer-Encoding: quoted-printable
========================================================================== Ubuntu Security Notice USN-3214-1 March 02, 2017
w3m vulnerabilities ==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 14.04 LTS - Ubuntu 12.04 LTS
Summary:
Several security issues were fixed in w3m.
Software Description: - w3m: WWW browsable pager with excellent tables/frames support
Details:
A large number of security issues were discovered in the w3m browser. If a user were tricked into viewing a malicious website, a remote attacker could exploit a variety of issues related to web browser security, including cross-site scripting attacks, denial of service attacks, and arbitrary code execution.
Update instructions:
The problem can be corrected by updating your system to the following package versions:
Ubuntu 14.04 LTS: w3m 0.5.3-15ubuntu0.1
Ubuntu 12.04 LTS: w3m 0.5.3-5ubuntu1.2
In general, a standard system update will make all the necessary changes.
References: http://www.ubuntu.com/usn/usn-3214-1 CVE-2016-9422, CVE-2016-9423, CVE-2016-9424, CVE-2016-9425, CVE-2016-9426, CVE-2016-9428, CVE-2016-9429, CVE-2016-9430, CVE-2016-9431, CVE-2016-9432, CVE-2016-9433, CVE-2016-9434, CVE-2016-9435, CVE-2016-9436, CVE-2016-9437, CVE-2016-9438, CVE-2016-9439, CVE-2016-9440, CVE-2016-9441, CVE-2016-9442, CVE-2016-9443, CVE-2016-9622, CVE-2016-9623, CVE-2016-9624, CVE-2016-9625, CVE-2016-9626, CVE-2016-9627, CVE-2016-9628, CVE-2016-9629, CVE-2016-9630, CVE-2016-9631, CVE-2016-9632, CVE-2016-9633
Package Information: https://launchpad.net/ubuntu/+source/w3m/0.5.3-15ubuntu0.1 https://launchpad.net/ubuntu/+source/w3m/0.5.3-5ubuntu1.2
--t5F2Kd2nJbGOR6UkooPvuDgiMKVFHkV7S--
--qor5Jp27XVoiu6aFdwlbv2XRRv4di0LcK Content-Type: application/pgp-signature; name="signature.asc" Content-Description: OpenPGP digital signature Content-Disposition: attachment; filename="signature.asc"
-----BEGIN PGP SIGNATURE----- Version: GnuPG v2
iQIcBAEBCgAGBQJYuDw0AAoJEGVp2FWnRL6TB9MQAKBPmVslMvcF1sTxlAV0XQ3K LOZJoAGfv+qwDECFO2247wP5osrNuPw7v0jHKguWKB+kVvVu2+HRdZ8/LbnFB5fd tCx9KcfcIEJgTHv16OVZj6RdBu4zU3Vmh12yJi0ef2z1wvWP/qKhucZ7xATZ7Qqk yXCRoyXIn75CnHnDNPTumnJ8nJ2fVVnbxPZyi01HypZp+8dbKCov+eSAqsyuJPBs Xzaz2OdVIVRNojYqi9LaewUfOWHLzq+8FVb1FoQTmqPW6u1Rcy2MkCfwY9ADYOmP F58P8q4Oovb+WHAfcFXVBejQnFKcvxHABowuK+rWa1ZC87Tv1F0pZG2byzW6hYvs CZlEnfnvOGe2ltSupBbFElzSQBPCZZni1phBAT45LSPqepXv3mAQxudAJ1UmHveO AOFxpfQtjvHboB+ueEMeHdzQyuyHTDMNSATn9kUsP4i1vIgGcp+BTnmXmDKEfuhs XDY+Ord3gLq+Ih15b3tErhyNWTTp/0Y5Soe6UsmENEu3/pkfTpBfiwe3u4wI5bIp G4/obOaIIkjuLi/LYI/OgFvjRm0hUYw7pOkN42qjn0f70sHAQM/OddC6AW6Kvh5N kz9B5jq9yMY8fWHq1MCSvBlAzTTXZVypaXW4cHDkzF17HP5ridLdnhcVJ6FjVFXw o6qHM9/vd1HYN7kH6lvs =oaKG -----END PGP SIGNATURE-----
--qor5Jp27XVoiu6aFdwlbv2XRRv4di0LcK--
--===============8893902598112860094== Content-Type: text/plain; charset="us-ascii" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit Content-Disposition: inline
-- ubuntu-security-announce mailing list ubuntu-security-announce@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-security-announce
--===============8893902598112860094==--
|