Ubuntu Security Notice USN-3214-1

2nd March, 2017

w3m vulnerabilities

A security issue affects these releases of Ubuntu and its
derivatives:

• Ubuntu 14.04 LTS
• Ubuntu 12.04 LTS

Summary

Several security issues were fixed in w3m.

Software description

• w3m
  – WWW browsable pager with excellent tables/frames support

Details

A large number of security issues were discovered in the w3m browser. If a
user were tricked into viewing a malicious website, a remote attacker could
exploit a variety of issues related to web browser security, including
cross-site scripting attacks, denial of service attacks, and arbitrary code
execution.

Update instructions

The problem can be corrected by updating your system to the following
package version:

Ubuntu 14.04 LTS:

w3m

0.5.3-15ubuntu0.1

Ubuntu 12.04 LTS:

w3m

0.5.3-5ubuntu1.2

To update your system, please follow these instructions:
https://wiki.ubuntu.com/Security/Upgrades.

In general, a standard system update will make all the necessary changes.

References

CVE-2016-9422,

CVE-2016-9423,

CVE-2016-9424,

CVE-2016-9425,

CVE-2016-9426,

CVE-2016-9428,

CVE-2016-9429,

CVE-2016-9430,

CVE-2016-9431,

CVE-2016-9432,

CVE-2016-9433,

CVE-2016-9434,

CVE-2016-9435,

CVE-2016-9436,

CVE-2016-9437,

CVE-2016-9438,

CVE-2016-9439,

CVE-2016-9440,

CVE-2016-9441,

CVE-2016-9442,

CVE-2016-9443,

CVE-2016-9622,

CVE-2016-9623,

CVE-2016-9624,

CVE-2016-9625,

CVE-2016-9626,

CVE-2016-9627,

CVE-2016-9628,

CVE-2016-9629,

CVE-2016-9630,

CVE-2016-9631,

CVE-2016-9632,

CVE-2016-9633