Control: tags -1 + confirmed
On Fri, 2018-01-26 at 19:14 +0900, Tatsuya Kinoshita wrote:
> I'd like to update package w3m in stretch to fix multiple security
> flaws, managed as no DSA, minor/unimportant.
> cf. https://security-tracker.debian.org/tracker/source-package/w3m
> See this changelog and the attached debdiff.
> w3m (0.5.3-34+deb9u1) stretch; urgency=medium
> * New patch 955_tbl-indent.patch to fix stack overflow [CVE-2018-
> * New patch 956_columnpos.patch to fix null deref [CVE-2018-6197]
> * New patch 957_mkdtemp.patch to fix /tmp file races [CVE-2018-
> (closes: #888097)
Please go ahead.