Control: tags -1 + confirmed On Fri, 2018-01-26 at 19:14 +0900, Tatsuya Kinoshita wrote: > I'd like to update package w3m in stretch to fix multiple security > flaws, managed as no DSA, minor/unimportant. > cf. https://security-tracker.debian.org/tracker/source-package/w3m > > See this changelog and the attached debdiff. > > w3m (0.5.3-34+deb9u1) stretch; urgency=medium > > * New patch 955_tbl-indent.patch to fix stack overflow [CVE-2018- > 6196] > * New patch 956_columnpos.patch to fix null deref [CVE-2018-6197] > * New patch 957_mkdtemp.patch to fix /tmp file races [CVE-2018- > 6198] > (closes: #888097) >
Please go ahead. Regards, Adam