Description
ELSA-2009-1471: elinks security update (IMPORTANT)
[0.11.1-6.1]
- fix #235411 - CVE-2007-2027 - elinks tries to load .po files from non-absolute path
- fix #523258 - CVE-2008-7224 - entity_cache static array buffer overflow
Updated packages
Oracle Linux 5
Oracle Linux ia64
elinks
0.11.1-6.el5_4.1
Oracle Linux x86_64
elinks
0.11.1-6.el5_4.1
Oracle Linux i386
elinks
0.11.1-6.el5_4.1
Related CVEs
Related vulnerabilities
Buffer overflow in entity_cache in ELinks before 0.11.4rc0 allows remote attackers to cause a denial of service (crash) via a crafted link.
Untrusted search path vulnerability in the add_filename_to_string function in intl/gettext/loadmsgcat.c for Elinks 0.11.1 allows local users to cause Elinks to use an untrusted gettext message catalog (.po file) in a "../po" directory, which can be leveraged to conduct format string attacks.