Information on source package lynx-cur

Available versions

ReleaseVersion
jessie2.8.9dev1-2+deb8u2

Open issues

BugjessieDescription
CVE-2017-1000211vulnerable (no DSA)Lynx before 2.8.9dev.16 is vulnerable to a use after free in the HTML ...
CVE-2016-9179vulnerable (no DSA)lynx: It was found that Lynx doesn't parse the authority component of ...

Resolved issues

BugDescription
TEMP-0532514-9137E0predictable random number generator used in web browsers
TEMP-0000000-0D6EB6crash when parsing overly long links
CVE-2021-38165Lynx through 2.8.9 mishandles the userinfo subcomponent of a URI, whic ...
CVE-2012-5821Lynx does not verify that the server's certificate is signed by a trus ...
CVE-2010-2810Heap-based buffer overflow in the convert_to_idna function in WWW/Libr ...
CVE-2006-7234Untrusted search path vulnerability in Lynx before 2.8.6rel.4 allows l ...
CVE-2005-3120Stack-based buffer overflow in the HTrjis function in Lynx 2.8.6 and e ...
CVE-2004-1617Lynx, lynx-ssl, and lynx-cur before 2.8.6dev.8 allow remote attackers ...

Security announcements

DSA / DLADescription
ELA-472-1lynx-cur - security update
DLA-1175-1lynx-cur - security update
DLA-719-1lynx-cur - security update
DSA-1085-1lynx-cur - several vulnerabilities
Search for package or bug name: Reporting problems