Damn, I made a mistake when looking at the logfile.
Sorry about #296051. So, can we stabilize w3m-0.5.2-r4?
Sure. Please mark stable =www-client/w3m-0.5.2-r4. FYI w3m-0.5.2-r2.ebuild:KEYWORDS="alpha amd64 ia64 ppc ppc64 sparc x86" w3m-0.5.2-r4.ebuild:KEYWORDS="~alpha ~amd64 ~ia64 ~ppc ~ppc64 ~sparc ~x86"
x86 stable
amd64 stable
CVE-2010-2074 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-2074): istream.c in w3m 0.5.2 and possibly other versions, when ssl_verify_server is enabled, does not properly handle a '\0' character in a domain name in the (1) subject's Common Name or (2) Subject Alternative Name field of an X.509 certificate, which allows man-in-the-middle attackers to spoof arbitrary SSL servers via a crafted certificate issued by a legitimate Certification Authority, a related issue to CVE-2009-2408.
alpha/ia64/sparc stable
ppc64 done
Stable for PPC.
glsa request filed.
Nothing to do left as cjk. Removing CC.
This issue was resolved and addressed in GLSA 201210-01 at http://security.gentoo.org/glsa/glsa-201210-01.xml by GLSA coordinator Stefan Behte (craig).