FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

lynx -- multiple vulnerabilities

Affected packages
lynx < 2.8.8.2_5,1

Details

VuXML ID 03532a19-d68e-11e6-9171-14dae9d210b8
Discovery 2016-10-26
Entry 2017-01-09

Oracle reports:

Lynx is vulnerable to POODLE by still supporting vulnerable version of SSL. Lynx is also vulnerable to URL attacks by incorrectly parsing hostnames ending with an '?'.

References

CVE Name CVE-2014-3566
CVE Name CVE-2016-9179
FreeBSD PR ports/215464
URL https://hg.java.net/hg/solaris-userland~gate/file/0a979060f73b/components/lynx/patches/05-fix-CVE-2016-9179.patch
URL https://hg.java.net/hg/solaris-userland~gate/file/bc5351dcb9ac/components/lynx/patches/02-init-openssl.patch

Copyright © 2003-2005 Jacques Vidrine and contributors.
Please see the source of this document for full copyright information.