w3m has an out-of-bounds write in function checkType() in etc.c. It allows a local attacker to cause Denial of Service or possibly have unspecified other impact via a crafted HTML file. NOTE: It was introduced in the fix of CVE-2022-38223.
Affects: w3m 0.5.3+git20230129, 0.5.3+git20230121-1, 0.5.3+git20230121-2
Not Affected version: < 0.5.3+git20220429-1
https://github.com/tats/w3m/issues/268
https://github.com/tats/w3m/pull/273
Created w3m tracking bugs for this issue:
Affects: epel-all [bug 2255209]
Affects: fedora-all [bug 2255208]
Upstream Commit: https://github.com/tats/w3m/commit/edc602651c506aeeb60544b55534dd1722a340d3
What's the relevance of the upstream commit here? Is this about https://github.com/tats/w3m/issues/282 which is addressed in https://github.com/tats/w3m/pull/285 ?