author | wiz <wiz@pkgsrc.org> | 2017-11-23 16:03:29 +0000 |
---|---|---|
committer | wiz <wiz@pkgsrc.org> | 2017-11-23 16:03:29 +0000 |
commit | 75ef9df4030297cb874be1d0885cdb01e69d8d97 (patch) | |
tree | 22b2bcc0e70a658e4b3528891ae58085c5ba76fd /net/wget/patches | |
parent | 790cd3c25ff3249c3ec08f61dcd3c81b45244297 (diff) | |
wget: update to 1.19.2.
* Changes in Wget 1.19.2
* Fix CVE-2017-13089 (Stack overflow in HTTP protocol handling)
* Fix CVE-2017-13090 (Heap overflow in HTTP protocol handling)
* New option --compression for gzip Content-Encoding
* New option --[no]-netrc to control .netrc parsing
* Added GNU extensions to .netrc parsing
* Improved IDNA 2003 compatibility
* Fix VPATH issues
* Improved and extended the test suite
* Support Wayback Machine's X-Archive-Orig-last-modified
* Several bug fixes
Diffstat (limited to 'net/wget/patches')
-rw-r--r-- | net/wget/patches/patch-CVE-2017-13089 | 36 | ||||
-rw-r--r-- | net/wget/patches/patch-CVE-2017-13090 | 39 |
2 files changed, 0 insertions, 75 deletions
diff --git a/net/wget/patches/patch-CVE-2017-13089 b/net/wget/patches/patch-CVE-2017-13089
deleted file mode 100644
index e7a9185d34f..00000000000
--- a/net/wget/patches/patch-CVE-2017-13089
+++ /dev/null
@@ -1,36 +0,0 @@
-$NetBSD: patch-CVE-2017-13089,v 1.1 2017/10/26 15:01:38 tez Exp $
-
-From 3dbc2e06ad487862c2fcc64d4891ff8aeb254bad Mon Sep 17 00:00:00 2001
-From: =?UTF-8?q?Tim=20R=C3=BChsen?= <tim.ruehsen@gmx.de>
-Date: Fri, 20 Oct 2017 10:59:38 +0200
-Subject: [PATCH 1/2] Fix stack overflow in HTTP protocol handling
- (CVE-2017-13089)
-MIME-Version: 1.0
-Content-Type: text/plain; charset=UTF-8
-Content-Transfer-Encoding: 8bit
-
-* src/http.c (skip_short_body): Return error on negative chunk size
-
-Reported-by: Antti Levomäki, Christian Jalio, Joonas Pihlaja from Forcepoint
-Reported-by: Juhani Eronen from Finnish National Cyber Security Centre
----
- src/http.c | 3 +++
- 1 file changed, 3 insertions(+)
-
-diff --git a/src/http.c b/src/http.c
-index 55367688..dc318231 100644
---- src/http.c
-+++ src/http.c
-@@ -973,6 +973,9 @@ skip_short_body (int fd, wgint contlen, bool chunked)
- remaining_chunk_size = strtol (line, &endl, 16);
- xfree (line);
-
-+ if (remaining_chunk_size < 0)
-+ return false;
-+
- if (remaining_chunk_size == 0)
- {
- line = fd_read_line (fd);
---
-2.15.0.rc1
-
diff --git a/net/wget/patches/patch-CVE-2017-13090 b/net/wget/patches/patch-CVE-2017-13090
deleted file mode 100644
index 88e823238e6..00000000000
--- a/net/wget/patches/patch-CVE-2017-13090
+++ /dev/null
@@ -1,39 +0,0 @@
-$NetBSD: patch-CVE-2017-13090,v 1.1 2017/10/26 15:01:38 tez Exp $
-
-From 28925c37b72867c0819799c6f35caf9439080f83 Mon Sep 17 00:00:00 2001
-From: =?UTF-8?q?Tim=20R=C3=BChsen?= <tim.ruehsen@gmx.de>
-Date: Fri, 20 Oct 2017 15:15:47 +0200
-Subject: [PATCH 2/2] Fix heap overflow in HTTP protocol handling
- (CVE-2017-13090)
-MIME-Version: 1.0
-Content-Type: text/plain; charset=UTF-8
-Content-Transfer-Encoding: 8bit
-
-* src/retr.c (fd_read_body): Stop processing on negative chunk size
-
-Reported-by: Antti Levomäki, Christian Jalio, Joonas Pihlaja from Forcepoint
-Reported-by: Juhani Eronen from Finnish National Cyber Security Centre
----
- src/retr.c | 6 ++++++
- 1 file changed, 6 insertions(+)
-
-diff --git a/src/retr.c b/src/retr.c
-index a27d58af..723ac725 100644
---- src/retr.c
-+++ src/retr.c
-@@ -378,6 +378,12 @@ fd_read_body (const char *downloaded_filename, int fd, FILE *out, wgint toread,
- remaining_chunk_size = strtol (line, &endl, 16);
- xfree (line);
-
-+ if (remaining_chunk_size < 0)
-+ {
-+ ret = -1;
-+ break;
-+ }
-+
- if (remaining_chunk_size == 0)
- {
- ret = 0;
---
-2.15.0.rc1
-
|