Debian Security Advisory 4953-1

Debian Security Advisory 4953-1: Posted Aug 28, 2021; Authored by Debian | Site debian.org; Debian Linux Security Advisory 4953-1 - Thorsten Glaser and Axel Beckert reported that lynx, a non-graphical (text-mode) web browser, does not properly handle the userinfo subcomponent of a URI, which can lead to leaking of credential in cleartext in SNI data.; tags | advisory, web; systems | linux, debian; advisories | CVE-2021-38165; SHA-256 | 35b46ce033be8cf57b331621640999d4df96db1956c4a4dc7bde2a5a846aae22; Download | Favorite | View

Debian Security Advisory 4953-1

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- -------------------------------------------------------------------------
Debian Security Advisory DSA-4953-1                   security@debian.org
https://www.debian.org/security/                     Salvatore Bonaccorso
August 10, 2021                       https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package        : lynx
CVE ID         : CVE-2021-38165
Debian Bug     : 991971

Thorsten Glaser and Axel Beckert reported that lynx, a non-graphical
(text-mode) web browser, does not properly handle the userinfo
subcomponent of a URI, which can lead to leaking of credential in
cleartext in SNI data.

For the stable distribution (buster), this problem has been fixed in
version 2.8.9rel.1-3+deb10u1.

We recommend that you upgrade your lynx packages.

For the detailed security status of lynx please refer to its security
tracker page at:
https://security-tracker.debian.org/tracker/lynx

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/

Mailing list: debian-security-announce@lists.debian.org
-----BEGIN PGP SIGNATURE-----

iQKTBAEBCgB9FiEERkRAmAjBceBVMd3uBUy48xNDz0QFAmER/AxfFIAAAAAALgAo
aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDQ2
NDQ0MDk4MDhDMTcxRTA1NTMxRERFRTA1NENCOEYzMTM0M0NGNDQACgkQBUy48xND
z0QDfg//QnGHbsACdZaIGyOrTrsoXXHowm44Jsctzvtrw4aK7YFwUNhXc4vqBRSB
Ql7y24qhIweUvooPKedSbUZYSmavBSD/UtCN07NckhWX/SJHCSv9l2tS1vMhdxyz
pUCY4kEKTifnCvJO2/ReFMr4rxBPrK5XhQxZuYLDCwhraN7qFRFBs2Ogy1X2PU24
V+BtvmYOvr03gQCr21ps5HRsXQfCVfCcPNumzP12ziRVbr2ebZSHMBiNDAU7Q/rq
oXhQgIkUWoA+bPBDeDNA6ay46BUPyjYaeb4kiWkduJ5hbi4E2Af1HGTZEvMgb6f8
Ozckln7JCh8bgjvPeeoAKBEv6OPcZZ4vT0VX40yoW332KOkqA4d/xM7kdTBPCSpa
9Cu4l1886MK06xvv/ZUXRvXbCgaRsyhh1N6WL6xjdfvKN4JB/sjeXRnVLleTtUyy
RYWzYHvyjOBSiB+W/TNBGucstSIUEha8OiTJwXMuQc+0nv/dPYmtGjVBjG+8wB0F
h7P/nJpsofAew3TB9Dn1ni7w5yo2z3Mea2ea9wbIYWJnPRYVNRdIemq/l0Z6Ukna
6Hzfdx9bCN5g2InIHwPu1nCf2HOprrssETCEHuz2g5eKl6PDO+Pl3mfsT1pCX72N
+BjzgkSGEw1kUnfW9fzLWrUbEJaEkKFuouGoOPgdb8nmHBO9Kt0=
=IuY3
-----END PGP SIGNATURE-----

Top Authors In Last 30 Days

Red Hat 290 files
Ubuntu 63 files
Debian 20 files
Gentoo 8 files
Apple 6 files
LiquidWorm 4 files
Google Security Research 4 files
Alter Prime 3 files
Spencer McIntyre 3 files
Jann Horn 3 files

File Archives

Systems

AIX (430)
Apple (2,132)
BSD (378)
CentOS (61)
Cisco (1,954)
Debian (7,172)
Fedora (1,693)
FreeBSD (1,247)
Gentoo (4,607)
HPUX (881)
iOS (395)
iPhone (108)
IRIX (220)
Juniper (71)
Linux (52,112)
Mac OS X (696)
Mandriva (3,105)
NetBSD (256)
OpenBSD (490)
RedHat (17,459)
Slackware (941)
Solaris (1,615)
SUSE (1,444)
Ubuntu (10,018)
UNIX (9,482)
UnixWare (188)
Windows (6,785)
Other

Debian Security Advisory 4953-1

Debian Security Advisory 4953-1

File Archive:

November 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems

Debian Security Advisory 4953-1

Share This

Debian Security Advisory 4953-1

File Archive:

November 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems