Debian Long Term Support / LTS Security Information / 2017 / Security Information -- DLA-1175-1 lynx-cur

Debian Security Advisory

DLA-1175-1 lynx-cur -- LTS security update

Date Reported:

18 Nov 2017

Affected Packages:

lynx-cur

Vulnerable:

Yes

Security database references:

In Mitre's CVE dictionary: CVE-2017-1000211.

More information:

It was discovered that there was a use-after-free vulnerability in the HTML parser of lynx-cur, a terminal-based web browser. This could have led to memory/information disclosure.

For Debian 7 Wheezy, this issue has been fixed in lynx-cur version 2.8.8dev.12-2+deb7u2.

We recommend that you upgrade your lynx-cur packages.