rpms/wget/FC-6 wget-1.10.2-CVE-2006-6719.patch, NONE, 1.1 wget-1.10.2-retry186195.patch, NONE, 1.1 wget.spec, 1.50, 1.51
fedora-cvs-commits at redhat.com
fedora-cvs-commits at redhat.com
Wed Jan 10 10:11:39 UTC 2007
Author: karsten
Update of /cvs/dist/rpms/wget/FC-6
In directory cvs.devel.redhat.com:/tmp/cvs-serv31861
Modified Files:
wget.spec
Added Files:
wget-1.10.2-CVE-2006-6719.patch wget-1.10.2-retry186195.patch
Log Message:
- add disttag
- fix bugzilla #186195
- fix CVE-2006-6719
wget-1.10.2-CVE-2006-6719.patch:
ftp-basic.c | 4 +++-
1 files changed, 3 insertions(+), 1 deletion(-)
--- NEW FILE wget-1.10.2-CVE-2006-6719.patch ---
Fixes NULL pointer dereference (CVE-2006-6719) (bz #221483)
--- wget-1.10.2/src/ftp-basic.c.orig 2007-01-04 19:30:31.000000000 +0100
+++ wget-1.10.2/src/ftp-basic.c 2007-01-04 19:31:48.000000000 +0100
@@ -1038,7 +1038,9 @@ ftp_syst (int csock, enum stype *server_
first word of the server response)? */
request = strtok (NULL, " ");
- if (!strcasecmp (request, "VMS"))
+ if (request == NULL)
+ *server_type = ST_OTHER;
+ else if (!strcasecmp (request, "VMS"))
*server_type = ST_VMS;
else if (!strcasecmp (request, "UNIX"))
*server_type = ST_UNIX;
wget-1.10.2-retry186195.patch:
ftp.c | 2 +-
1 files changed, 1 insertion(+), 1 deletion(-)
--- NEW FILE wget-1.10.2-retry186195.patch ---
--- wget-1.10.2/src/ftp.c.186195 2006-12-08 12:15:20.000000000 +0100
+++ wget-1.10.2/src/ftp.c 2006-12-08 12:17:02.000000000 +0100
@@ -1172,7 +1172,7 @@
len = 0;
err = getftp (u, &len, restval, con);
- if (con->csock != -1)
+ if (con->csock == -1)
con->st &= ~DONE_CWD;
else
con->st |= DONE_CWD;
Index: wget.spec
===================================================================
RCS file: /cvs/dist/rpms/wget/FC-6/wget.spec,v
retrieving revision 1.50
retrieving revision 1.51
diff -u -r1.50 -r1.51
--- wget.spec 7 Dec 2006 13:09:41 -0000 1.50
+++ wget.spec 10 Jan 2007 10:11:37 -0000 1.51
@@ -1,7 +1,7 @@
Summary: A utility for retrieving files using the HTTP or FTP protocols.
Name: wget
Version: 1.10.2
-Release: 8
+Release: 8%{?dist}.1
License: GPL
Group: Applications/Internet
Url: http://wget.sunsite.dk/
@@ -13,6 +13,8 @@
Patch5: wget-1.10.1-helpfix.patch
Patch6: wget-1.10.2-to11.patch
Patch7: wget-1.10.2-218211.patch
+Patch8: wget-1.10.2-retry186195.patch
+Patch9: wget-1.10.2-CVE-2006-6719.patch
Provides: webclient
Prereq: /sbin/install-info
BuildRequires: perl, openssl-devel, pkgconfig, texinfo, gettext, autoconf
@@ -35,6 +37,8 @@
%patch5 -p1
%patch6 -p1
%patch7 -p1
+%patch8 -p1
+%patch9 -p1
cp %{SOURCE2} $RPM_BUILD_DIR/wget-%{version}/po/de.po
chmod a+x doc/texi2pod.pl
@@ -73,6 +77,11 @@
%{_infodir}/*
%changelog
+* Wed Jan 10 2007 Karsten Hopp <karsten at redhat.com> 1.10.2-8.1
+- add disttag
+- fix bugzilla #186195
+- fix CVE-2006-6719
+
* Thu Dec 07 2006 Karsten Hopp <karsten at redhat.com> 1.10.2-8
- Resolves: #218211
fix double free corruption
More information about the fedora-cvs-commits
mailing list