Bug 83263

Summary: Segfaults with some SSL hosts
Product: [Retired] Red Hat Raw Hide Reporter: Enrico Scholz <rh-bugzilla>
Component: w3mAssignee: Akira TAGOH <tagoh>
Status: CLOSED RAWHIDE QA Contact:
Severity: high Docs Contact:
Priority: medium    
Version: 1.0   
Target Milestone: ---   
Target Release: ---   
Hardware: All   
OS: Linux   
Whiteboard:
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2003-02-03 09:13:54 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:

Description Enrico Scholz 2003-02-01 02:32:09 UTC 
Description of problem:

| $ w3m https://www.tu-chemnitz.de
| Segmentation fault

Other hosts are working fine (e.g. https://www.redhat.com)

I have not tested if/how this can be exploited, but segfaults which are caused
by remote server-certificates are smelling like a security leak.


Version-Release number of selected component (if applicable):

w3m-0.3.2.2-3
openssl-0.9.7-4


How reproducible:

100%
Comment 1 Akira TAGOH 2003-02-03 08:00:13 UTC 
I think it's not vulnerable.
Comment 2 Akira TAGOH 2003-02-03 09:13:54 UTC 
fixed in 0.3.2.2-5.