Update NEWS

2016-11-19 15:41:22 +09:00
parent 251e191754
commit fdfab25608
1 changed files with 2 additions and 2 deletions
--- a/4
+++ b/4
@@ -19,8 +19,8 @@ w3m X.X.X - YYYY-MM-DD
   [CVE-2016-9426], [CVE-2016-9428], [CVE-2016-9429], [CVE-2016-9430],
   [CVE-2016-9431], [CVE-2016-9432], [CVE-2016-9433], [CVE-2016-9434],
   [CVE-2016-9435], [CVE-2016-9436], [CVE-2016-9437], [CVE-2016-9438],
-   [CVE-2016-9439], [CVE-2016-9440], [CVE-2016-9441], [CVE-2016-9442],
-   [CVE-2016-9443]
+   [CVE-2016-9439], [CVE-2016-9440], [CVE-2016-9441], [CVE-2016-9443]
+ - fix potential heap buffer corruption due to Strgrow [CVE-2016-9442]
 - disable SSLv2 and SSLv3 by default [CVE-2014-3566]
 - set ssl_verify_server to 1 by default
 - disable RC4, export ciphers, and keys < 128 bits