A null pointer dereference will occur in w3m while parsing maliciously crafted input. Upstream bug: https://github.com/tats/w3m/issues/22 Upstream fix: https://github.com/tats/w3m/commit/4a8d16fc8d08206dd7142435054ee38ff41805b7 References: http://seclists.org/oss-sec/2016/q4/321
Created w3m tracking bugs for this issue: Affects: fedora-all [bug 1401423] Affects: epel-7 [bug 1401424]