lynx 보안 업데이트
Web Browser 로는 FTP 접속이 불가능 합니다.
문서번호 : 1227005263
업데이트 : 2008.11.18
상세내용
* 보안 버그 수정
. CVE-2006-7234 :
A flaw was found in a way Lynx handled ".mailcap" and ".mime.types"
configuration files. Files in the browser's current working directory were
opened before those in the user's home directory. A local attacker, able to
convince a user to run Lynx in a directory under their control, could
possibly execute arbitrary commands as the user running Lynx.
. CVE-2008-4690 :
An arbitrary command execution flaw was found in the Lynx "lynxcgi:" URI
handler. An attacker could create a web page redirecting to a malicious URL
that could execute arbitrary code as the user running Lynx in the
non-default "Advanced" user mode.
Autoupdates 지원 : 지원
pkgsysupdate
update 패키지
RPMS :
. lynx-2.8.5-28.1.1.i686.rpm
SRPMS :
. lynx-2.8.5-28.1.1.src.rpm
참고 :
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-7234
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4690
|