Subject: CVS commit: pkgsrc/www/lynx
From: Kimmo Suominen
Date: 2021-08-12 06:20:11
Message id: 20210812042011.CA570FA97@cvs.NetBSD.org
Log Message:
lynx: Address CVE-2021-38165

Cherry picked from 2021-08-07 (2.9.0dev.9):
* strip user/password from ssl_host in HTLoadHTTP, incorrectly passed as
  part of the server name indicator (Debian #991971) -TD
Files:
RevisionActionfile
1.139modifypkgsrc/www/lynx/Makefile
1.40modifypkgsrc/www/lynx/distinfo
1.4addpkgsrc/www/lynx/patches/patch-WWW_Library_Implementation_HTTP.c