Damn, I made a mistake when looking at the logfile.
Sorry about #296051.
So, can we stabilize w3m-0.5.2-r4?
Please mark stable =www-client/w3m-0.5.2-r4.
w3m-0.5.2-r2.ebuild:KEYWORDS="alpha amd64 ia64 ppc ppc64 sparc x86"
w3m-0.5.2-r4.ebuild:KEYWORDS="~alpha ~amd64 ~ia64 ~ppc ~ppc64 ~sparc ~x86"
istream.c in w3m 0.5.2 and possibly other versions, when
ssl_verify_server is enabled, does not properly handle a '\0'
character in a domain name in the (1) subject's Common Name or (2)
Subject Alternative Name field of an X.509 certificate, which allows
man-in-the-middle attackers to spoof arbitrary SSL servers via a
crafted certificate issued by a legitimate Certification Authority, a
related issue to CVE-2009-2408.
Stable for PPC.
glsa request filed.
Nothing to do left as cjk. Removing CC.
This issue was resolved and addressed in
GLSA 201210-01 at http://security.gentoo.org/glsa/glsa-201210-01.xml
by GLSA coordinator Stefan Behte (craig).