*** This bug is a security vulnerability *** Public security bug reported:
Binary package hint: links2 * SECURITY UPDATE: + session.c: - Make sure links cannot bypass the proxy, if it is configurered only to use it in order to avoid leaking of sensitive information to external programs. * References + http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3329 + http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=492744 ** Affects: links2 (Ubuntu) Importance: Medium Assignee: Emanuele Gentili (emgent) Status: Fix Released ** Affects: links2 (Ubuntu Dapper) Importance: Undecided Status: New ** Affects: links2 (Ubuntu Feisty) Importance: Undecided Status: New ** Affects: links2 (Ubuntu Gutsy) Importance: Undecided Status: New ** Affects: links2 (Ubuntu Hardy) Importance: Medium Assignee: Emanuele Gentili (emgent) Status: In Progress ** Affects: links2 (Ubuntu Intrepid) Importance: Medium Assignee: Emanuele Gentili (emgent) Status: Fix Released ** Visibility changed to: Public -- CVE-2008-3329 Links2 when "only proxies" is selected, don't pass URLs to external programs https://bugs.launchpad.net/bugs/254780 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs