Bugzilla – Bug 853190
VUL-0: CVE-2013-6050: links: integer overflow in parsing of HTML tables
Last modified: 2014-05-19 08:43:07 UTC
CVE-2013-6050 was assigned to the following links security issue. Affected is openSUSE: 12.2: links-2.6 12.3: links-2.6 13.1: links-2.7 -------------------------------------------------------------------------- Debian Security Advisory DSA-2807-1 security () debian org http://www.debian.org/security/ Moritz Muehlenhoff November 30, 2013 http://www.debian.org/security/faq -------------------------------------------------------------------------- Package : links2 Vulnerability : integer overflow Problem type : remote Debian-specific: no CVE ID : CVE-2013-6050 Mikulas Patocka discovered an integer overflow in the parsing of HTML tables in the Links web browser. This can only be exploited when running Links in graphical mode. For the oldstable distribution (squeeze), this problem has been fixed in version 2.3~pre1-1+squeeze2. For the stable distribution (wheezy), this problem has been fixed in version 2.7-1+deb7u1. For the testing distribution (jessie), this problem has been fixed in version 2.8-1. For the unstable distribution (sid), this problem has been fixed in version 2.8-1. We recommend that you upgrade your links2 packages. References: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-6050 https://bugzilla.redhat.com/show_bug.cgi?id=1036619 http://seclists.org/fulldisclosure/2013/Nov/217
bugbot adjusting priority
patch: https://bugzilla.redhat.com/attachment.cgi?id=831533
fix submitted to network devel project.