SuSE Update for w3m SUSE-SA:2007:005

Impact
remote denial of service, remote code execution
Solution
Please Install the Updated Packages.
Insight
A format string problem in w3m -dump / -backend mode could be used by a malicious server to crash w3m or execute code. In SUSE Linux 10.1, openSUSE 10.2 and SUSE Linux Enterprise Server and Desktop 10 this problem was not exploitable to execute code due to use of the FORTIFY SOURCE extensions. This problem is tracked by the Mitre CVE ID CVE-2006-6772.
Affected
w3m on Novell Linux Desktop 9, Novell Linux POS 9, Open Enterprise Server, openSUSE 10.2, SUSE LINUX 10.1, SuSE Linux Enterprise Server 8, SUSE SLED 10, SUSE SLES 10, SUSE SLES 9
References