On Tue, Nov 06, 2012 at 11:57:59AM +0100, Moritz Muehlenhoff wrote: > Package: lynx-cur > Version: 2.8.7dev9-2.1
The package list for lynx-cur doesn't list that version. It shows 2.8.8dev.5-1 as the lowest version. > Severity: important > Tags: security > > Hi, > please see Section 7.4 of this paper: > http://www.cs.utexas.edu/~shmat/shmat_ccs12.pdf > > This has been assigned CVE-2012-5821. The fix can be easily abstracted from the changes in dev.13 -- Thomas E. Dickey <[email protected]> http://invisible-island.net ftp://invisible-island.net
signature.asc
Description: Digital signature
