Mark lynx FORBIDDEN due to numerous potential and proven

server-exploitable buffer overflows, until the lynx team get their act
together and clean up their code.

Noticed by:	Michal Zalewski <lcamtuf@DIONE.IDS.PL> (Bugtraq)
Reviewed by:	the rest of the security-officer team.

2 files changed, 6 insertions, 2 deletions

diff --git a/www/lynx-current/Makefile b/www/lynx-current/Makefile
index 274c63cda798..1a8bdab4c417 100644
--- a/www/lynx-current/Makefile
+++ b/www/lynx-current/Makefile
@@ -6,13 +6,15 @@
 # $FreeBSD$
 #
 
-DISTNAME=       lynx2.8.3dev.18
-PKGNAME=        lynx-2.8.3dev.18
+DISTNAME=       lynx2.8.3dev.20
+PKGNAME=        lynx-2.8.3dev.20
 CATEGORIES=	www
 MASTER_SITES=   http://sol.slcc.edu/lynx/current/
 
 MAINTAINER=	ache@FreeBSD.org
 
+FORBIDDEN=	"Riddled with buffer overflows exploitable by a malicious server to execute code as the local user."
+
 USE_BZIP2=      YES
 NO_LATEST_LINK=	YES
 WRKSRC=         ${WRKDIR}/lynx2-8-3
diff --git a/www/lynx/Makefile b/www/lynx/Makefile
index 235a8caea0ca..77b8d283a403 100644
--- a/www/lynx/Makefile
+++ b/www/lynx/Makefile
@@ -13,6 +13,8 @@ MASTER_SITES=   http://sol.slcc.edu/lynx/current/
 
 MAINTAINER=	jseger@FreeBSD.org
 
+FORBIDDEN=	"Riddled with buffer overflows exploitable by a malicious server to execute code as the local user."
+
 USE_BZIP2=      YES
 WRKSRC=         ${WRKDIR}/lynx2-8-2
 GNU_CONFIGURE=  YES