Bug 1011289 (CVE-2016-9440)

Summary: VUL-0: CVE-2016-9440: w3m: near-null deref
Product: [Novell Products] SUSE Security Incidents Reporter: Alexander Bergmann <abergmann>
Component: IncidentsAssignee: Thomas Blume <thomas.blume>
Status: RESOLVED FIXED QA Contact: Security Team bot <security-team>
Severity: Normal    
Priority: P3 - Medium CC: abergmann
Version: unspecified   
Target Milestone: ---   
Hardware: Other   
OS: Other   
Whiteboard: CVSSv2:RedHat:CVE-2016-9440:4.3:(AV:N/AC:M/Au:N/C:N/I:N/A:P) CVSSv2:NVD:CVE-2016-9440:4.3:(AV:N/AC:M/Au:N/C:N/I:N/A:P) CVSSv3:NVD:CVE-2016-9440:6.5:(AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H) maint:released:sle10-sp3:63653 CVSSv3:RedHat:CVE-2016-9440:4.3:(AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L)
Found By: --- Services Priority:
Business Priority: Blocker: ---
Marketing QA Status: --- IT Deployment: ---
Bug Depends on:    
Bug Blocks: 1011293    

Description Alexander Bergmann 2016-11-21 12:05:47 UTC
w3m: multiple vulnerabilities
http://seclists.org/oss-sec/2016/q4/452

segfault due to dereference near-null pointer in formUpdateBuffer

Issue: https://github.com/tats/w3m/issues/22
Comment 1 Swamp Workflow Management 2016-11-21 23:00:52 UTC
bugbot adjusting priority
Comment 2 Alexander Bergmann 2016-11-22 09:15:19 UTC
Upstream Fix:
https://github.com/tats/w3m/commit/4a8d16fc8d08206dd7142435054ee38ff41805b7
Comment 3 Swamp Workflow Management 2016-12-07 19:12:35 UTC
SUSE-SU-2016:3046-1: An update that fixes 28 vulnerabilities is now available.

Category: security (moderate)
Bug References: 1011269,1011270,1011271,1011272,1011283,1011284,1011285,1011286,1011287,1011288,1011289,1011290,1011291,1011292,1011293,1012020,1012021,1012022,1012023,1012024,1012025,1012026,1012027,1012028,1012029,1012030,1012031,1012032
CVE References: CVE-2010-2074,CVE-2016-9422,CVE-2016-9423,CVE-2016-9424,CVE-2016-9425,CVE-2016-9434,CVE-2016-9435,CVE-2016-9436,CVE-2016-9437,CVE-2016-9438,CVE-2016-9439,CVE-2016-9440,CVE-2016-9441,CVE-2016-9442,CVE-2016-9443,CVE-2016-9621,CVE-2016-9622,CVE-2016-9623,CVE-2016-9624,CVE-2016-9625,CVE-2016-9626,CVE-2016-9627,CVE-2016-9628,CVE-2016-9629,CVE-2016-9630,CVE-2016-9631,CVE-2016-9632,CVE-2016-9633
Sources used:
SUSE Linux Enterprise Server 11-SP4 (src):    w3m-0.5.3.git20161120-4.1
SUSE Linux Enterprise Debuginfo 11-SP4 (src):    w3m-0.5.3.git20161120-4.1
Comment 4 Swamp Workflow Management 2016-12-08 13:09:29 UTC
SUSE-SU-2016:3053-1: An update that fixes 23 vulnerabilities is now available.

Category: security (moderate)
Bug References: 1011283,1011284,1011285,1011286,1011287,1011288,1011289,1011290,1011291,1011292,1011293,1012021,1012022,1012023,1012024,1012025,1012026,1012027,1012028,1012029,1012030,1012031,1012032
CVE References: CVE-2016-9434,CVE-2016-9435,CVE-2016-9436,CVE-2016-9437,CVE-2016-9438,CVE-2016-9439,CVE-2016-9440,CVE-2016-9441,CVE-2016-9442,CVE-2016-9443,CVE-2016-9621,CVE-2016-9622,CVE-2016-9623,CVE-2016-9624,CVE-2016-9625,CVE-2016-9626,CVE-2016-9627,CVE-2016-9628,CVE-2016-9629,CVE-2016-9630,CVE-2016-9631,CVE-2016-9632,CVE-2016-9633
Sources used:
SUSE Linux Enterprise Server for Raspberry Pi 12-SP2 (src):    w3m-0.5.3.git20161120-160.1
SUSE Linux Enterprise Server 12-SP2 (src):    w3m-0.5.3.git20161120-160.1
SUSE Linux Enterprise Server 12-SP1 (src):    w3m-0.5.3.git20161120-160.1
SUSE Linux Enterprise Desktop 12-SP2 (src):    w3m-0.5.3.git20161120-160.1
SUSE Linux Enterprise Desktop 12-SP1 (src):    w3m-0.5.3.git20161120-160.1
Comment 5 Swamp Workflow Management 2016-12-14 00:08:41 UTC
openSUSE-SU-2016:3121-1: An update that fixes 23 vulnerabilities is now available.

Category: security (moderate)
Bug References: 1011283,1011284,1011285,1011286,1011287,1011288,1011289,1011290,1011291,1011292,1011293,1012021,1012022,1012023,1012024,1012025,1012026,1012027,1012028,1012029,1012030,1012031,1012032
CVE References: CVE-2016-9434,CVE-2016-9435,CVE-2016-9436,CVE-2016-9437,CVE-2016-9438,CVE-2016-9439,CVE-2016-9440,CVE-2016-9441,CVE-2016-9442,CVE-2016-9443,CVE-2016-9621,CVE-2016-9622,CVE-2016-9623,CVE-2016-9624,CVE-2016-9625,CVE-2016-9626,CVE-2016-9627,CVE-2016-9628,CVE-2016-9629,CVE-2016-9630,CVE-2016-9631,CVE-2016-9632,CVE-2016-9633
Sources used:
openSUSE Leap 42.2 (src):    w3m-0.5.3.git20161120-160.1
openSUSE Leap 42.1 (src):    w3m-0.5.3.git20161120-161.1
Comment 6 Thomas Blume 2017-05-11 07:59:15 UTC
closing
Comment 7 Swamp Workflow Management 2017-06-02 11:45:04 UTC
An update workflow for this issue was started.
This issue was rated as moderate.
Please submit fixed packages until 2017-06-16.
When done, reassign the bug to security-team@suse.de.
https://swamp.suse.de/webswamp/wf/63652