Security Information / 2013 / Security Information -- DSA-2807-1 links2

Debian Security Advisory

DSA-2807-1 links2 -- integer overflow

Date Reported:

30 Nov 2013

Affected Packages:

links2

Vulnerable:

Yes

Security database references:

In Mitre's CVE dictionary: CVE-2013-6050.

More information:

Mikulas Patocka discovered an integer overflow in the parsing of HTML tables in the Links web browser. This can only be exploited when running Links in graphical mode.

For the oldstable distribution (squeeze), this problem has been fixed in version 2.3~pre1-1+squeeze2.

For the stable distribution (wheezy), this problem has been fixed in version 2.7-1+deb7u1.

For the testing distribution (jessie), this problem has been fixed in version 2.8-1.

For the unstable distribution (sid), this problem has been fixed in version 2.8-1.

We recommend that you upgrade your links2 packages.