Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Thu, 3 Nov 2016 18:54:35 -0400
From: Leo Famulari <leo@...ulari.name>
To: oss-security@...ts.openwall.com
Cc: dickey@...isible-island.net, fulldisclosure@...lists.org,
	cve-assign@...re.org
Subject: Re: CVE request:Lynx invalid URL parsing with '?'

On Thu, Nov 03, 2016 at 05:58:14PM +0800, redrain root wrote:
> I can't find any bugtracker in lynx ,so i will disclose by this mail and
> sent to the author dickey@...isible-island.net.
> 
> redrain (rootredrain@...il.com)
> Date:2016-11-03
> Version: 2.8.8pre.4、2.8.9dev.8 and earlier

FYI, as far as I can tell, this bug is present in 2.8.9dev.9 as well.

[ CONTENT OF TYPE application/pgp-signature SKIPPED ]

Powered by blists - more mailing lists

Your e-mail address:

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Powered by Openwall GNU/*/Linux - Powered by OpenVZ