Bug 1011281 – VUL-0: CVE-2016-9432: w3m: bcopy negative size

Bug 1011281 - (CVE-2016-9432) VUL-0: CVE-2016-9432: w3m: bcopy negative size

(CVE-2016-9432)
Summary:	VUL-0: CVE-2016-9432: w3m: bcopy negative size

Status:	RESOLVED FIXED

Classification:	Novell Products
Product:	SUSE Security Incidents
Classification:	Novell Products
Component:	Incidents
Version:	unspecified
Hardware:	Other Other

Priority:	P3 - Medium Severity: Normal
Target Milestone:	---
Assigned To:	Security Team bot
QA Contact:	Security Team bot

URL:
Whiteboard:	CVSSv2:RedHat:CVE-2016-9432:4.3:(AV:N...
Keywords:

Depends on:
Blocks:	1011293
	Show dependency tree / graph

Create test case

Clone This Bug

Reported:	2016-11-21 12:04 UTC by Alexander Bergmann
Modified:	2018-05-03 22:41 UTC (History)
CC List:	2 users (show)

See Also:
Found By:	---
Services Priority:
Business Priority:
Blocker:	---
Marketing QA Status:	---
IT Deployment:	---

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Alexander Bergmann 2016-11-21 12:04:53 UTC

w3m: multiple vulnerabilities
http://seclists.org/oss-sec/2016/q4/452

crash due to `bcopy` with negative size

Issue: https://github.com/tats/w3m/issues/13

Comment 1 Swamp Workflow Management 2016-11-21 22:59:22 UTC

bugbot adjusting priority

Comment 2 Alexander Bergmann 2016-11-22 08:53:00 UTC

Upstream Fixes:
https://github.com/tats/w3m/commit/807e8b7fbffca6dcaf5db40e35f05d05c5cf02d3
https://github.com/tats/w3m/commit/7b88478227978a8d673b4dd0e05eee410cc33330

Comment 3 Thomas Blume 2017-05-11 07:51:54 UTC

closing