[Date Prev][Date Next] [Thread Prev][Thread Next] [Thread Index] [Date Index] [Author Index]

rpms/wget/devel wget-1.10.2-CVE-2006-6719.patch, NONE, 1.1 wget.spec, 1.51, 1.52

From: fedora-cvs-commits redhat com
To: fedora-cvs-commits redhat com
Subject: rpms/wget/devel wget-1.10.2-CVE-2006-6719.patch, NONE, 1.1 wget.spec, 1.51, 1.52
Date: Wed, 10 Jan 2007 05:04:01 -0500

Author: karsten

Update of /cvs/dist/rpms/wget/devel
In directory cvs.devel.redhat.com:/tmp/cvs-serv31637

Modified Files:
	wget.spec 
Added Files:
	wget-1.10.2-CVE-2006-6719.patch 
Log Message:
- add fix for CVE-2006-6719

wget-1.10.2-CVE-2006-6719.patch:
 ftp-basic.c |    4 +++-
 1 files changed, 3 insertions(+), 1 deletion(-)

--- NEW FILE wget-1.10.2-CVE-2006-6719.patch ---
Fixes NULL pointer dereference (CVE-2006-6719) (bz #221483)

--- wget-1.10.2/src/ftp-basic.c.orig	2007-01-04 19:30:31.000000000 +0100
+++ wget-1.10.2/src/ftp-basic.c	2007-01-04 19:31:48.000000000 +0100
@@ -1038,7 +1038,9 @@ ftp_syst (int csock, enum stype *server_
      first word of the server response)?  */
   request = strtok (NULL, " ");
 
-  if (!strcasecmp (request, "VMS"))
+  if (request == NULL)
+    *server_type = ST_OTHER;
+  else if (!strcasecmp (request, "VMS"))
     *server_type = ST_VMS;
   else if (!strcasecmp (request, "UNIX"))
     *server_type = ST_UNIX;


Index: wget.spec
===================================================================
RCS file: /cvs/dist/rpms/wget/devel/wget.spec,v
retrieving revision 1.51
retrieving revision 1.52
diff -u -r1.51 -r1.52
--- wget.spec	8 Dec 2006 10:21:23 -0000	1.51
+++ wget.spec	10 Jan 2007 10:03:59 -0000	1.52
@@ -1,7 +1,7 @@
 Summary: A utility for retrieving files using the HTTP or FTP protocols.
 Name: wget
 Version: 1.10.2
-Release: 10%{?dist}
+Release: 11%{?dist}
 License: GPL
 Group: Applications/Internet
 Url: http://wget.sunsite.dk/
@@ -14,6 +14,7 @@
 Patch6: wget-1.10.2-to11.patch
 Patch7: wget-1.10.2-218211.patch
 Patch8: wget-1.10.2-retry186195.patch
+Patch9: wget-1.10.2-CVE-2006-6719.patch
 Provides: webclient
 Prereq: /sbin/install-info
 BuildRequires: perl, openssl-devel, pkgconfig, texinfo, gettext, autoconf
@@ -37,6 +38,7 @@
 %patch6 -p1
 %patch7 -p1
 %patch8 -p1
+%patch9 -p1
 
 cp %{SOURCE2} $RPM_BUILD_DIR/wget-%{version}/po/de.po
 chmod a+x doc/texi2pod.pl
@@ -75,6 +77,9 @@
 %{_infodir}/*
 
 %changelog
+* Wed Jan 10 2007 Karsten Hopp <karsten redhat com> 1.10.2-11
+- add fix for CVE-2006-6719
+
 * Thu Dec 08 2006 Karsten Hopp <karsten redhat com> 1.10.2-10
 - fix repeated downloads (Tomas Heinrich, #186195)

[Date Prev][Date Next] [Thread Prev][Thread Next] [Thread Index] [Date Index] [Author Index]