Slackware 7.0 & -current: Lynx vulnerabilities
Posted by LinuxSecurity.com Team   
Slackware Versions of Lynx prior to 2.8.3pre.5 contained numerous security holes which could permit a malicious server to execute arbitrary code on the user's system.
A new Lynx package is available in the Slackware-current tree.  Users of
Slackware 7.0 and -current are urged to upgrade to this version.  Versions
of Lynx prior to 2.8.3pre.5 contained numerous security holes which could
permit a malicious server to execute arbitrary code on the user's system.
This version was heavily audited by the Lynx team before release.


   ========================================
   lynx 2.8.3rel1 AVAILABLE - (n1/lynx.tgz)
   ========================================

      Major security holes removed, better string handling code.  Slackware
      7.0 and -current users should download the following updated package
      from ftp.slackware.com.

         /pub/slackware/slackware-current/slakware/n1/lynx.tgz

      Here are the md5sums and checksums for the new package:

         4a23e8896366bb952a3bf4be1f6e4d7d  n1/lynx.tgz
         4062658962 788916 n1/lynx.tgz


Separate patches will not be produced for the /patches directory in the
Slackware 7.0 distribution tree.  Users of Slackware 7.0 can download the
necessary packages from the Slackware-current tree and run upgradepkg to
install them.

It's generally a good idea to bring your system into runlevel 1 when doing
package upgrades, just to minimize error.

   # telinit 1
   # upgradepkg 
   # telinit 3

Remember, it's also a good idea to backup configuration files before upgrading
packages.

- The Slackware Linux Project
  http://www.slackware.com