Information on source package lynx

Available versions

ReleaseVersion
stretch2.8.9dev11-1
stretch (security)2.8.9dev11-1+deb9u1
buster2.8.9rel.1-3+deb10u1
bullseye2.9.0dev.6-3~deb11u1
bookworm2.9.0dev.10-1
sid2.9.0dev.10-1

Open issues

BugstretchbusterbullseyebookwormsidDescription
CVE-2017-1000211vulnerable (no DSA)fixedfixedfixedfixedLynx before 2.8.9dev.16 is vulnerable to a use after free in the HTML ...

Resolved issues

BugDescription
TEMP-0532514-9137E0predictable random number generator used in web browsers
CVE-2021-38165Lynx through 2.8.9 mishandles the userinfo subcomponent of a URI, whic ...
CVE-2016-9179lynx: It was found that Lynx doesn't parse the authority component of ...
CVE-2008-4690lynx 2.8.6dev.15 and earlier, when advanced mode is enabled and lynx i ...
CVE-2006-7234Untrusted search path vulnerability in Lynx before 2.8.6rel.4 allows l ...
CVE-2005-3120Stack-based buffer overflow in the HTrjis function in Lynx 2.8.6 and e ...
CVE-2005-2929Lynx 2.8.5, and other versions before 2.8.6dev.15, allows remote attac ...
CVE-2004-1617Lynx, lynx-ssl, and lynx-cur before 2.8.6dev.8 allow remote attackers ...
CVE-2002-1405CRLF injection vulnerability in Lynx 2.8.4 and earlier allows remote a ...

Security announcements

DSA / DLADescription
DSA-4953-1lynx - security update
DLA-2736-1lynx - security update
DSA-1076-1lynx - programming error
DSA-876-1lynx-ssl - buffer overflow
DSA-874-1lynx - buffer overflow
DSA-210lynx - CRLF injection

Search for package or bug name: Reporting problems