Description: "A security issue has been discovered in Links, which can be exploited by malicious people to conduct spoofing attacks. The problem is that the certificate presented by a server at the beginning of an SSL session is not verified. This can be exploited to spoof valid servers via a man-in-the-middle attack. The security issue is confirmed in version 2.2. Other versions may also be affected."
ive added the fix that Debian has to 2.3_pre1-r1 and so that version can be stabilized i think
works for me on amd64
amd64 done
Seems also good to go on x86 here.
Tested OK on SPARC, stabilisation would be good.
ppc/ppc64 stable
Stable for HPPA.
x86 done. Thanks Andreas!
sparc done, thanks Alex Buell
alpha/arm/ia64/s390/sh stable
Thanks, folks. GLSA Vote: yes
Yes, too. GLSA request filed.
This issue was resolved and addressed in GLSA 201206-32 at http://security.gentoo.org/glsa/glsa-201206-32.xml by GLSA coordinator Stefan Behte (craig).