Summary: | <www-client/links-2.8-r1: integer overflow in parsing of HTML tables (CVE-2013-6050) | ||
---|---|---|---|
Product: | Gentoo Security | Reporter: | Agostino Sarubbo <ago> |
Component: | Vulnerabilities | Assignee: | Gentoo Security <security> |
Status: | RESOLVED FIXED | ||
Severity: | minor | CC: | radhermit, ssuominen |
Priority: | Normal | ||
Version: | unspecified | ||
Hardware: | All | ||
OS: | Linux | ||
URL: | https://bugzilla.redhat.com/show_bug.cgi?id=1036619 | ||
Whiteboard: | B3 [glsa] | ||
Package list: | Runtime testing required: | --- |
Description
Agostino Sarubbo
2013-12-02 15:24:54 UTC
Patch available for the vulnerability at this location: https://bugzilla.redhat.com/attachment.cgi?id=831533 Please advise when build ready for stabilization. Thank you. CVE-2013-6050 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-6050): Integer overflow in Links before 2.8 allows remote attackers to cause a denial of service (crash) via crafted HTML tables. Test and stabilize: =www-client/links-2.8-r1 Stable for HPPA. Builds and runs fine on x86. Please mark stable for x86. ppc stable ppc64 stable amd64 stable alpha stable x86 stable sparc stable arm stable ia64 stable. Maintainer(s), please cleanup. Security, please add it to the existing request, or file a new one. GLSA request filed Oops, this should be rated B3, cause it's just DoS per secunia advisory and RedHat bug. But anyway, i have filed GLSA requests already Cleanup done. This issue was resolved and addressed in GLSA 201402-11 at http://security.gentoo.org/glsa/glsa-201402-11.xml by GLSA coordinator Chris Reffett (creffett). |