Debian Security Advisory DSA 1076-1 (lynx)

Summary
The remote host is missing an update to lynx announced via advisory DSA 1076-1. Michal Zalewski discovered that lynx, the popular text-mode WWW Browser, is not able to grok invalid HTML including a TEXTAREA tag with a large COLS value and a large tag name in an element that is not terminated, and loops forever trying to render the broken HTML. For the old stable distribution (woody) this problem has been fixed in version 2.8.4.1b-3.4.
Solution
For the stable distribution (sarge) this problem has been fixed in version 2.8.5-2sarge2. For the unstable distribution (sid) this problem has been fixed in version 2.8.5-2sarge2. We recommend that you upgrade your lynx package. https://secure1.securityspace.com/smysecure/catid.html?in=DSA%201076-1