Synopsis: Moderate: elinks security update Issue Date: 2013-02-11 CVE Numbers: CVE-2012-4545 -- It was found that ELinks performed client credentials delegation during the client-to-server GSS security mechanisms negotiation. A rogue server could use this flaw to obtain the client's credentials and impersonate that client to other servers that are using GSSAPI. (CVE-2012-4545) -- SL5 x86_64 elinks-0.11.1-8.el5_9.x86_64.rpm elinks-debuginfo-0.11.1-8.el5_9.x86_64.rpm i386 elinks-0.11.1-8.el5_9.i386.rpm elinks-debuginfo-0.11.1-8.el5_9.i386.rpm SL6 x86_64 elinks-0.12-0.21.pre5.el6_3.x86_64.rpm elinks-debuginfo-0.12-0.21.pre5.el6_3.x86_64.rpm i386 elinks-0.12-0.21.pre5.el6_3.i686.rpm elinks-debuginfo-0.12-0.21.pre5.el6_3.i686.rpm - Scientific Linux Development Team