Package name
lynx
Date
2013-04-10
Advisory ID
MDVSA-2013:101
Affected versions
MBS1 x86_64

Problem description

Updated lynx package fixes security vulnerability:

Lynx does not verify that the server's certificate is signed by
a trusted certification authority, which allows man-in-the-middle
attackers to spoof SSL servers via a crafted certificate, related to
improper use of a certain GnuTLS function (CVE-2012-5821).

Updated packages

MBS1 x86_64

 777f25fe8b425d1385af79891e7c0447  mbs1/x86_64/lynx-2.8.7-5.1.mbs1.x86_64.rpm 
 94b3428d676786e79c7a636dd7ee4e55  mbs1/SRPMS/lynx-2.8.7-5.1.mbs1.src.rpm

References