Re: [Lynx-dev] [pkg-lynx-maint] CVE-2016-9179 (invalid URL parsing with

lynx-dev

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Lynx-dev] [pkg-lynx-maint] CVE-2016-9179 (invalid URL parsing with

From:	Thomas Dickey
Subject:	Re: [Lynx-dev] [pkg-lynx-maint] CVE-2016-9179 (invalid URL parsing with '?')
Date:	Wed, 23 Nov 2016 18:36:44 -0500
User-agent:	Mutt/1.5.21 (2010-09-15)

On Mon, Nov 21, 2016 at 05:40:37PM +1100, Brian May wrote:
> Thomas Dickey <address@hidden> writes:
> 
> >> So IMHO the warning is obsolete in this specific case, i.e. with "?@"
> >> without "/" before it.
> >
> > I see (for dev.12, then - dev.11 was last night)
> 
> When do you expect to release dev.12 with this change?

I'm not certain (I have ongoing changes to xterm and vile which I'd
like to finish also...).

I spent some time today investigating this area in lynx, and
saw some further improvements to make, but am not done yet.

-- 
Thomas E. Dickey <address@hidden>
http://invisible-island.net
ftp://invisible-island.net

signature.asc
Description: Digital signature

[Prev in Thread]

Current Thread

[Next in Thread]

Re: [Lynx-dev] CVE-2016-9179 (invalid URL parsing with '?'), (continued)

Prev by Date: Re: [Lynx-dev] Lynx under Win7 64bit with ssl
Next by Date: [Lynx-dev] minor correction to lynx.cfg
Previous by thread: Re: [Lynx-dev] [pkg-lynx-maint] CVE-2016-9179 (invalid URL parsing with '?')
Next by thread: Re: [Lynx-dev] [pkg-lynx-maint] CVE-2016-9179 (invalid URL parsing with '?')
Index(es):
- Date
- Thread