SB2014011404 - Input validation error in links (Alpine package)

Description

This security bulletin contains information about 1 security vulnerability.

1) Input validation error (CVE-ID: CVE-2013-6050)

The vulnerability allows a remote non-authenticated attacker to perform service disruption.

Integer overflow in Links before 2.8 allows remote attackers to cause a denial of service (crash) via crafted HTML tables.

Remediation

Install update from vendor's website.

References

• https://git.alpinelinux.org/aports/commit/?id=70463ed5403c6d48af291af6a5f44dd47c603727
• https://git.alpinelinux.org/aports/commit/?id=0d38ba47517ce681ae8c066e2262842d28d5d092