Index index by Group index by Distribution index by Vendor index by creation date index by Name Mirrors Help Search

w3m-0.5.3+git20180125-lp151.2.3 RPM for x86_64

From OpenSuSE Leap 15.1 for x86_64

Name: w3m Distribution: openSUSE Leap 15.1
Version: 0.5.3+git20180125 Vendor: openSUSE
Release: lp151.2.3 Build date: Mon Dec 17 18:57:27 2018
Group: Productivity/Networking/Web/Browsers Build host: lamb23
Size: 2346133 Source RPM: w3m-0.5.3+git20180125-lp151.2.3.src.rpm
Summary: A text-based WWW browser
W3m is a pager and text-based WWW browser. It has a number of useful

* w3m can render tables

* w3m can render frames (it converts the frames into a table)

* SSL support

* w3m can easily display documents from standard input

* w3m can handle cookies

* w3m is small

* w3m has mouse support

If w3m-inline-image is installed it can display graphics inside
terminals, even on the console on some platforms.






* Thu Jan 25 2018
  - add git ChangeLog to /usr/share/doc/w3m/
  - update to version 0.5.3+git20180125
    addressed security issue:
      CVE-2018-6196: w3m: an infinite recursion flaw in HTMLlineproc0
      because the feed_table_block_tag function in table.c does not
      prevent a negative indent value allows for (bsc#1077559)
      CVE-2018-6197: w3m: NULL pointer dereference flaw in formUpdateBuffer
      in form.c (bsc#1077568)
      CVE-2018-6198: w3m: does not properly handle temporary files when
      the ~/.w3m directory is unwritable, which allows a local attacker to
      craft a symlink attack to overwrite arbitrary files (bsc#1077572)
    other changes, bugfixes see: /usr/share/doc/w3m/ChangeLog
* Thu Nov 24 2016
  - update to debian git version (bsc#1011293)
    addressed security issues:
      CVE-2016-9621: w3m: global-buffer-overflow write (bsc#1012020)
      CVE-2016-9622: w3m: null deref (bsc#1012021)
      CVE-2016-9623: w3m: null deref (bsc#1012022)
      CVE-2016-9624: w3m: near-null deref (bsc#1012023)
      CVE-2016-9625: w3m: stack overflow (bsc#1012024)
      CVE-2016-9626: w3m: stack overflow (bsc#1012025)
      CVE-2016-9627: w3m: heap overflow read + deref (bsc#1012026)
      CVE-2016-9628: w3m: null deref (bsc#1012027)
      CVE-2016-9629: w3m: null deref (bsc#1012028)
      CVE-2016-9630: w3m: global-buffer-overflow read (bsc#1012029)
      CVE-2016-9631: w3m: null deref (bsc#1012030)
      CVE-2016-9632: w3m: global-buffer-overflow read (bsc#1012031)
      CVE-2016-9633: w3m: OOM (bsc#1012032)
      CVE-2016-9434: w3m: null deref (bsc#1011283)
      CVE-2016-9435: w3m: use uninit value (bsc#1011284)
      CVE-2016-9436: w3m: use uninit value (bsc#1011285)
      CVE-2016-9437: w3m: write to rodata (bsc#1011286)
      CVE-2016-9438: w3m: null deref (bsc#1011287)
      CVE-2016-9439: w3m: stack overflow (bsc#1011288)
      CVE-2016-9440: w3m: near-null deref (bsc#1011289)
      CVE-2016-9441: w3m: near-null deref (bsc#1011290)
      CVE-2016-9442: w3m: potential heap buffer corruption (bsc#1011291)
      CVE-2016-9443: w3m: null deref (bsc#1011292)
    dropped patches:
    ported patches:
      w3m-disable-cookie-special-domain-check.patch to
      w3m-0.4.1-session-mgmt.dif to
      w3m-history-crossdev.patch to
      w3mman-formatting.patch to
* Fri Jun 24 2016
  - w3mman-formatting.patch: w3mman now doesn't show invalid
    characters anymore (bsc#950800)
* Wed Jun 22 2016
  - Add w3m-scheme.patch to fix a segfault when doing a https request
    to an unresolvable host (bsc#950468).
* Mon Mar 02 2015
  - Add w3m-fix-build-with-imlib2-1.4.6.patch: fix build with imlib2 1.4.6,
    the patch is from Debian. See
* Sun Dec 21 2014
  - build with PIE support
* Wed Mar 12 2014
  - w3m-parallel-make.patch: More dependency fixes for parallel build
* Tue Aug 20 2013
  - w3m-parallel-make.patch: Fix missing dependency for parallel build
* Fri Jun 21 2013
  - attempting to download a large file will end in total fail
    on 32bit archs, use LFS_CFLAGS to fix that problem.
* Thu Mar 21 2013
  - Make w3m compile with gc 7.x (adds w3m-gc7.diff),
    and also use the system libgc.
* Mon Nov 12 2012
  - Due to the "CRIME attack" (CVE-2012-4929) HTTPS clients
    that negotiate TLS-level compression can be abused for
    MITM attacks. (w3m-openssl.patch)
  - Use SSL_MODE_RELEASE_BUFFERS if available .
* Fri Sep 28 2012
  - license update: ISC
    w3m permissive license much more akin to ISC ( than
    to either BSD or MIT
* Thu Sep 27 2012
  - Build with OPENSSL_NO_SSL_INTERN, poor's man visibility
    to avoid ABI breaks between different openssl version.
  - Also define _GNU_SOURCE to allow some extra optimizations
    with recent GCC versions.
* Fri Mar 23 2012
  - Removed w3m-helppaths.patch, because it broke interactive help
    (bnc#747560). It was a leftover that should have been removed
    as part of the May 2011 package overhaul.
* Tue Aug 30 2011
  - Fix build error: redefinition of 'struct file_handle'
* Sat Jul 30 2011
  - Use ncursesw6 instead of old ncurses5
* Fri May 20 2011
  - Overhaul the package
  - Add license files and other stuff from the doc subcdir
* Tue Jan 18 2011
  - Version 0.5.3:
    * security fix
    - fix vulnerabilities indicated by
    - suppress sending Referer, if https:// -> http://
    * new features
    - adapt w3mimg to native windows on MS Windows.
    - support xterm-incompatible terminals without gpm.
    - add "xhtml" to default guess.
    - introduce option pseudo_inlines.
    - add option to avoid "wrong number of dots" error in cookies.
    * other bug fixes
    - fix "important" bugs from
    - preserve spaces in multibyte context.
    - fix proxy authentication.
* Tue Jun 15 2010
  - Fix handling of embedded nul characters in certificate subjects.
    (bnc#609451, CVE-2010-2074).
  - Turn on certificate verification by default.
* Thu Dec 31 2009
  - enable parallel build
* Tue Nov 03 2009
  - updated patches to apply with fuzz=0
* Mon Sep 07 2009
  - Added w3m-closedir.patch to fix a directory descriptor leak in
    loadLocalDir (bnc#531675).
* Mon Aug 03 2009
  - small patch for gc to work with qemu-arm on the workers



Generated by rpm2html 1.8.1

Fabrice Bellet, Tue Sep 10 14:36:19 2019