SUSE-SU-2017:0599-1

Опубликовано: 03 мар. 2017

Источник: suse-cvrf

Описание

Security update for lynx

This update for lynx fixes the following issues:

CVE-2016-9179: It was found that Lynx doesn't parse the authority component of the URL correctly when the host name part ends with '?', and could instead be tricked into connecting to a different host. (bsc#1008642)

Список пакетов

SUSE Linux Enterprise Software Development Kit 11 SP4

lynx-2.8.6-145.1

Ссылки

https://www.suse.com/support/update/announcement/2017/suse-su-20170599-1/
Link for SUSE-SU-2017:0599-1
https://lists.suse.com/pipermail/sle-security-updates/2017-March/002675.html
E-Mail link for SUSE-SU-2017:0599-1
https://www.suse.com/support/security/rating/
SUSE Security Ratings
https://bugzilla.suse.com/1008642
SUSE Bug 1008642
https://www.suse.com/security/cve/CVE-2016-9179/
SUSE CVE CVE-2016-9179 page

Описание

lynx: It was found that Lynx doesn't parse the authority component of the URL correctly when the host name part ends with '?', and could instead be tricked into connecting to a different host.

Затронутые продукты

SUSE Linux Enterprise Software Development Kit 11 SP4:lynx-2.8.6-145.1

Ссылки

https://www.suse.com/security/cve/CVE-2016-9179.html
CVE-2016-9179
https://bugzilla.suse.com/1008642
SUSE Bug 1008642

SUSE-SU-2017:0599-1

Описание

Список пакетов

SUSE Linux Enterprise Software Development Kit 11 SP4

Ссылки

Уязвимость: CVE-2016-9179

Описание

Затронутые продукты

Ссылки