commit a239bb30718c1d7e4b0d1349508e5aba4b8078318927bfdcc7aeca0c1785e455 Author: Adrian Schröter Date: Sat May 4 01:49:21 2024 +0200 Sync from SUSE:SLFO:Main w3m revision 4efab4f1cef7af9dbba7e9e88cd10a67 diff --git a/.gitattributes b/.gitattributes new file mode 100644 index 0000000..9b03811 --- /dev/null +++ b/.gitattributes @@ -0,0 +1,23 @@ +## Default LFS +*.7z filter=lfs diff=lfs merge=lfs -text +*.bsp filter=lfs diff=lfs merge=lfs -text +*.bz2 filter=lfs diff=lfs merge=lfs -text +*.gem filter=lfs diff=lfs merge=lfs -text +*.gz filter=lfs diff=lfs merge=lfs -text +*.jar filter=lfs diff=lfs merge=lfs -text +*.lz filter=lfs diff=lfs merge=lfs -text +*.lzma filter=lfs diff=lfs merge=lfs -text +*.obscpio filter=lfs diff=lfs merge=lfs -text +*.oxt filter=lfs diff=lfs merge=lfs -text +*.pdf filter=lfs diff=lfs merge=lfs -text +*.png filter=lfs diff=lfs merge=lfs -text +*.rpm filter=lfs diff=lfs merge=lfs -text +*.tbz filter=lfs diff=lfs merge=lfs -text +*.tbz2 filter=lfs diff=lfs merge=lfs -text +*.tgz filter=lfs diff=lfs merge=lfs -text +*.ttf filter=lfs diff=lfs merge=lfs -text +*.txz filter=lfs diff=lfs merge=lfs -text +*.whl filter=lfs diff=lfs merge=lfs -text +*.xz filter=lfs diff=lfs merge=lfs -text +*.zip filter=lfs diff=lfs merge=lfs -text +*.zst filter=lfs diff=lfs merge=lfs -text diff --git a/0001-Fix-OOB-access-due-to-multiple-backspaces.patch b/0001-Fix-OOB-access-due-to-multiple-backspaces.patch new file mode 100644 index 0000000..56be145 --- /dev/null +++ b/0001-Fix-OOB-access-due-to-multiple-backspaces.patch @@ -0,0 +1,58 @@ +From edc602651c506aeeb60544b55534dd1722a340d3 Mon Sep 17 00:00:00 2001 +From: Rene Kita +Date: Thu, 13 Jul 2023 07:50:26 +0200 +Subject: [PATCH] Fix OOB access due to multiple backspaces + +Commit 419ca82d57 (Fix m17n backspace handling causes out-of-bounds +write in checkType) introduced an incomplete fix. + +In function checkType we store the length of the previous multi-char +character in a buffer plens_buffer with pointer plens pointing to the +current position inside the buffer. When encountering a backspace plens +is set to the previous position without a bounds check. This will lead +to plens being out of bounds if we get more backspaces than we have +processed multi-char characters before. + +If we are at the beginning of the buffer do not decrement and set plen +(the current length) to 0. + +This also fixes GH Issue #270 [BUG] Out of bound read in Strnew_size , +Str.c:61 + +If the above explanation does sound weird it's because I didn't fully +grok that function. :-) +--- + etc.c | 10 ++++++++-- + 1 file changed, 8 insertions(+), 2 deletions(-) + +diff --git a/etc.c b/etc.c +index 128717b..b566151 100644 +--- a/etc.c ++++ b/etc.c +@@ -393,7 +393,10 @@ checkType(Str s, Lineprop **oprop, Linecolor **ocolor) + if (color) + color -= plen; + #endif +- plen = *(--plens); ++ if (plens == plens_buffer) ++ plen = 0; ++ else ++ plen = *(--plens); + str += 2; + } + } +@@ -419,7 +422,10 @@ checkType(Str s, Lineprop **oprop, Linecolor **ocolor) + if (color) + color -= plen; + #endif +- plen = *(--plens); ++ if (plens == plens_buffer) ++ plen = 0; ++ else ++ plen = *(--plens); + str++; + } + #else +-- +2.41.0 + diff --git a/0001-Update-German-message-catalogue.patch b/0001-Update-German-message-catalogue.patch new file mode 100644 index 0000000..5cc2cf1 --- /dev/null +++ b/0001-Update-German-message-catalogue.patch @@ -0,0 +1,77 @@ +From: Markus Hiereth +Date: Sun, 29 Jan 2023 09:06:31 +0100 +Subject: Update German message catalogue + +Origin: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1029933#5 +--- + po/de.po | 15 +++++++-------- + 1 file changed, 7 insertions(+), 8 deletions(-) + +diff --git a/po/de.po b/po/de.po +index 8191c95..a9c2013 100644 +--- a/po/de.po ++++ b/po/de.po +@@ -1,13 +1,13 @@ + # German translation of w3m + # Copyright (C) 2014 THE w3m'S COPYRIGHT HOLDER + # This file is distributed under the same license as the w3m package. +-# Markus Hiereth , 2014,2022. ++# Markus Hiereth , 2014,2022,2023. + msgid "" + msgstr "" + "Project-Id-Version: w3m 0.5.3\n" + "Report-Msgid-Bugs-To: \n" + "POT-Creation-Date: 2023-01-04 19:22+0900\n" +-"PO-Revision-Date: 2022-05-29 09:00+0100\n" ++"PO-Revision-Date: 2023-01-27 22:57+0100\n" + "Last-Translator: Markus Hiereth \n" + "Language-Team: German \n" + "Language: de\n" +@@ -15,7 +15,6 @@ msgstr "" + "Content-Type: text/plain; charset=UTF-8\n" + "Content-Transfer-Encoding: 8bit\n" + "Plural-Forms: nplurals=2; plural=(n != 1);\n" +-"X-Generator: Virtaal 0.7.1\n" + + #: menu.c:269 + msgid " Back (b) " +@@ -234,7 +233,7 @@ msgstr "In Farbe anzeigen" + + #: rc.c:100 + msgid "Use high-intensity colors" +-msgstr "" ++msgstr "Farben hoher Intensität nutzen" + + #: rc.c:101 + msgid "Color of normal character" +@@ -339,7 +338,7 @@ msgstr "Verzeichnis für ausführbare Skripte (cgi-bin)" + + #: rc.c:132 + msgid "Directory for temporary files" +-msgstr "" ++msgstr "Verzeichnis für temporäre Dateien" + + #: rc.c:133 + msgid "Confirm when quitting with q" +@@ -926,18 +925,18 @@ msgstr "Nur ISO-2022" + msgid "ON" + msgstr "AN" + +-# Wert aus einem Set zur Wiedergabe von Rändern, mh, 05.10.2014 ++# Wert aus einem Set zur Wiedergabe von Rändern, mh, 05.10.2014 + #: rc.c:372 + msgid "ASCII" + msgstr "ASCII" + +-# Wert aus einem Set zur Wiedergabe von Rändern, mh, 05.10.2014 ++# Wert aus einem Set zur Wiedergabe von Rändern, mh, 05.10.2014 + # hier ist "Zeichensatz" akzeptabel mh, 09.10.2014 + #: rc.c:373 + msgid "charset specific" + msgstr "zeichensatzspezifisch" + +-# Wert aus einem Set zur Wiedergabe von Rändern, mh, 05.10.2014 ++# Wert aus einem Set zur Wiedergabe von Rändern, mh, 05.10.2014 + #: rc.c:374 + msgid "DEC special graphics" + msgstr "mit DEC-Grafiken" diff --git a/_service b/_service new file mode 100644 index 0000000..64293cf --- /dev/null +++ b/_service @@ -0,0 +1,14 @@ + + + git + https://github.com/tblume/w3m.git + + w3m + 0.5.3+git20180125 + master + + + *w3m*.tar + xz + + diff --git a/w3m-v0.5.3+git20230121.tar.bz2 b/w3m-v0.5.3+git20230121.tar.bz2 new file mode 100644 index 0000000..d9cec9b --- /dev/null +++ b/w3m-v0.5.3+git20230121.tar.bz2 @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:ebd4da7b69802164251bb7051cd6b29a3921eb7a465ae6cd7f21eb3be7726844 +size 1915477 diff --git a/w3m.changes b/w3m.changes new file mode 100644 index 0000000..64ce936 --- /dev/null +++ b/w3m.changes @@ -0,0 +1,707 @@ +------------------------------------------------------------------- +Tue Jul 25 14:31:42 UTC 2023 - Thomas Blume + +- CVE-2023-38253: out-of-bounds read in growbuf_to_Str() at w3m/indep.c + (bsc#1213323) +- CVE-2023-38252 out-of-bounds read in Strnew_size() at w3m/Str.c + (bsc#1213324) +- add 0001-Fix-OOB-access-due-to-multiple-backspaces.patch + +------------------------------------------------------------------- +Fri Apr 28 09:05:26 UTC 2023 - Muhammad Akbar Yanuar Mantari + +- update to version 0.5.3+git20230121 +- add 0001-Update-German-message-catalogue.patch +- dropped patches: + 0001-allow-to-configure-the-accept-option-for-bad-cookies.patch + 0001-implements-simple-session-management.patch + 0001-handle-EXDEV-during-history-file-rename.patch + 0001-w3mman-don-t-show-invalid-characters-bsc-950800.patch + 0001-Fix-warning-for-unused-variable-without-USE_M17N.patch + 0002-Fix-m17n-backspace-handling-causes-out-of-bounds-wri.patch + +------------------------------------------------------------------- +Tue Jan 10 08:22:40 UTC 2023 - Thomas Blume + +- CVE-2022-38223 Out-of-bounds write in checkType located in etc.c + (bsc#1202684) + - add: + 0002-Fix-m17n-backspace-handling-causes-out-of-bounds-wri.patch + 0001-Fix-warning-for-unused-variable-without-USE_M17N.patch + +------------------------------------------------------------------- +Thu Jan 25 10:26:25 UTC 2018 - Thomas.Blume@suse.com + +- add git ChangeLog to /usr/share/doc/w3m/ + +- update to version 0.5.3+git20180125 + addressed security issue: + CVE-2018-6196: w3m: an infinite recursion flaw in HTMLlineproc0 + because the feed_table_block_tag function in table.c does not + prevent a negative indent value allows for (bsc#1077559) + CVE-2018-6197: w3m: NULL pointer dereference flaw in formUpdateBuffer + in form.c (bsc#1077568) + CVE-2018-6198: w3m: does not properly handle temporary files when + the ~/.w3m directory is unwritable, which allows a local attacker to + craft a symlink attack to overwrite arbitrary files (bsc#1077572) + other changes, bugfixes see: /usr/share/doc/w3m/ChangeLog + +------------------------------------------------------------------- +Thu Nov 24 11:18:22 UTC 2016 - Thomas.Blume@suse.com + +- update to debian git version (bsc#1011293) + addressed security issues: + CVE-2016-9621: w3m: global-buffer-overflow write (bsc#1012020) + CVE-2016-9622: w3m: null deref (bsc#1012021) + CVE-2016-9623: w3m: null deref (bsc#1012022) + CVE-2016-9624: w3m: near-null deref (bsc#1012023) + CVE-2016-9625: w3m: stack overflow (bsc#1012024) + CVE-2016-9626: w3m: stack overflow (bsc#1012025) + CVE-2016-9627: w3m: heap overflow read + deref (bsc#1012026) + CVE-2016-9628: w3m: null deref (bsc#1012027) + CVE-2016-9629: w3m: null deref (bsc#1012028) + CVE-2016-9630: w3m: global-buffer-overflow read (bsc#1012029) + CVE-2016-9631: w3m: null deref (bsc#1012030) + CVE-2016-9632: w3m: global-buffer-overflow read (bsc#1012031) + CVE-2016-9633: w3m: OOM (bsc#1012032) + CVE-2016-9434: w3m: null deref (bsc#1011283) + CVE-2016-9435: w3m: use uninit value (bsc#1011284) + CVE-2016-9436: w3m: use uninit value (bsc#1011285) + CVE-2016-9437: w3m: write to rodata (bsc#1011286) + CVE-2016-9438: w3m: null deref (bsc#1011287) + CVE-2016-9439: w3m: stack overflow (bsc#1011288) + CVE-2016-9440: w3m: near-null deref (bsc#1011289) + CVE-2016-9441: w3m: near-null deref (bsc#1011290) + CVE-2016-9442: w3m: potential heap buffer corruption (bsc#1011291) + CVE-2016-9443: w3m: null deref (bsc#1011292) + + dropped patches: + w3m-fix-build-with-imlib2-1.4.6.patch + w3m-scheme.patch + w3mman-formatting.patch + w3m-parallel-make.patch + w3m-gc7.diff + w3m-openssl.patch + w3m-closedir.patch + w3m-fh-def.patch + w3m-ssl-verify.patch + w3m-parsetagx-crash.patch + w3m-tempdir-override.patch + w3m-0.5.1-no-ASCII-equivalents-by-default.patch + w3m-uninitialized.patch + w3m-inline-image.patch + w3m-0.4.1-textarea-segfault.dif + + ported patches: + w3m-disable-cookie-special-domain-check.patch to + 0001-allow-to-configure-the-accept-option-for-bad-cookies.patch + w3m-0.4.1-session-mgmt.dif to + 0001-implements-simple-session-management.patch + w3m-history-crossdev.patch to + 0001-handle-EXDEV-during-history-file-rename.patch + w3mman-formatting.patch to + 0001-w3mman-don-t-show-invalid-characters-bsc-950800.patch + +------------------------------------------------------------------- +Fri Jun 24 07:24:53 UTC 2016 - fweiss@suse.com + +- w3mman-formatting.patch: w3mman now doesn't show invalid + characters anymore (bsc#950800) + +------------------------------------------------------------------- +Wed Jun 22 12:43:27 UTC 2016 - max@suse.com + +- Add w3m-scheme.patch to fix a segfault when doing a https request + to an unresolvable host (bsc#950468). + +------------------------------------------------------------------- +Mon Mar 2 04:05:20 UTC 2015 - mlin@suse.com + +- Add w3m-fix-build-with-imlib2-1.4.6.patch: fix build with imlib2 1.4.6, + the patch is from Debian. See http://sourceforge.net/p/w3m/patches/70/ + +------------------------------------------------------------------- +Sun Dec 21 12:49:22 UTC 2014 - meissner@suse.com + +- build with PIE support + +------------------------------------------------------------------- +Wed Mar 12 16:17:09 UTC 2014 - schwab@linux-m68k.org + +- w3m-parallel-make.patch: More dependency fixes for parallel build + +------------------------------------------------------------------- +Tue Aug 20 12:04:52 UTC 2013 - schwab@suse.de + +- w3m-parallel-make.patch: Fix missing dependency for parallel build + +------------------------------------------------------------------- +Fri Jun 21 06:46:21 UTC 2013 - crrodriguez@opensuse.org + +- attempting to download a large file will end in total fail + on 32bit archs, use LFS_CFLAGS to fix that problem. + +------------------------------------------------------------------- +Thu Mar 21 16:27:19 UTC 2013 - jengelh@inai.de + +- Make w3m compile with gc 7.x (adds w3m-gc7.diff), + and also use the system libgc. + +------------------------------------------------------------------- +Mon Nov 12 18:26:45 UTC 2012 - crrodriguez@opensuse.org + +- Due to the "CRIME attack" (CVE-2012-4929) HTTPS clients + that negotiate TLS-level compression can be abused for + MITM attacks. (w3m-openssl.patch) + +- Use SSL_MODE_RELEASE_BUFFERS if available . + +------------------------------------------------------------------- +Fri Sep 28 12:43:43 UTC 2012 - cfarrell@suse.com + +- license update: ISC + w3m permissive license much more akin to ISC (spdx.org/licenses/ISC) than + to either BSD or MIT + +------------------------------------------------------------------- +Thu Sep 27 14:05:50 UTC 2012 - crrodriguez@opensuse.org + +- Build with OPENSSL_NO_SSL_INTERN, poor's man visibility + to avoid ABI breaks between different openssl version. + +- Also define _GNU_SOURCE to allow some extra optimizations + with recent GCC versions. + +------------------------------------------------------------------- +Fri Mar 23 11:16:03 UTC 2012 - max@suse.com + +- Removed w3m-helppaths.patch, because it broke interactive help + (bnc#747560). It was a leftover that should have been removed + as part of the May 2011 package overhaul. + +------------------------------------------------------------------- +Tue Aug 30 17:59:53 UTC 2011 - crrodriguez@opensuse.org + +- Fix build error: redefinition of 'struct file_handle' + +------------------------------------------------------------------- +Sat Jul 30 23:09:55 UTC 2011 - crrodriguez@opensuse.org + +- Use ncursesw6 instead of old ncurses5 + +------------------------------------------------------------------- +Fri May 20 13:51:20 UTC 2011 - max@novell.com + +- Overhaul the package +- Add license files and other stuff from the doc subcdir + (bnc#666935). + +------------------------------------------------------------------- +Tue Jan 18 14:33:24 UTC 2011 - max@novell.com + +- Version 0.5.3: + * security fix + - fix vulnerabilities indicated by bugs.debian.org. + - suppress sending Referer, if https:// -> http:// + * new features + - adapt w3mimg to native windows on MS Windows. + - support xterm-incompatible terminals without gpm. + - add "xhtml" to default guess. + - introduce option pseudo_inlines. + - add option to avoid "wrong number of dots" error in cookies. + * other bug fixes + - fix "important" bugs from bugs.debian.org + - preserve spaces in multibyte context. + - fix proxy authentication. + +------------------------------------------------------------------- +Tue Jun 15 17:56:55 CEST 2010 - max@suse.de + +- Fix handling of embedded nul characters in certificate subjects. + (bnc#609451, CVE-2010-2074). +- Turn on certificate verification by default. + +------------------------------------------------------------------- +Thu Dec 31 13:18:57 CET 2009 - jengelh@medozas.de + +- enable parallel build + +------------------------------------------------------------------- +Tue Nov 3 19:09:51 UTC 2009 - coolo@novell.com + +- updated patches to apply with fuzz=0 + +------------------------------------------------------------------- +Mon Sep 7 16:49:56 CEST 2009 - max@suse.de + +- Added w3m-closedir.patch to fix a directory descriptor leak in + loadLocalDir (bnc#531675). + +------------------------------------------------------------------- +Mon Aug 3 06:40:24 UTC 2009 - jansimon.moeller@opensuse.org + +- small patch for gc to work with qemu-arm on the workers + +------------------------------------------------------------------- +Fri Nov 14 14:11:26 CET 2008 - max@suse.de + +- Re-added the private copy of gc, so that we don't need to + provide generic L3 for the gc package, which is not used by + anything else in the distribution. +- Disable unneeded thread support in gc to fix build on ppc64. + +------------------------------------------------------------------- +Tue Oct 28 20:30:46 CET 2008 - max@suse.de + +- Removed unneeded explicit build dependencies +- w3m-inline-image needs imlib2-loaders. +- Use system-supplied gc library. + +------------------------------------------------------------------- +Mon Feb 25 14:34:04 CET 2008 - crrodriguez@suse.de + +- use find_lang macro + +------------------------------------------------------------------- +Wed Sep 5 14:31:00 CEST 2007 - olh@suse.de + +- use expandPath to expand ~ in TMPDIR (306745) + +------------------------------------------------------------------- +Tue Aug 14 19:06:06 CEST 2007 - olh@suse.de + +- handle EXDEV during history file rename() + +------------------------------------------------------------------- +Sat Aug 11 19:12:36 CEST 2007 - olh@suse.de + +- fix crash in parse_tag() during every start + use TMPDIR, TMP or TEMP enviroment variables + fix a few harmless uninitialized variables + +------------------------------------------------------------------- +Fri Jun 1 17:41:33 CEST 2007 - max@suse.de + +- New version: 0.5.2: + * fix format string vulnerability. + * support gtk2 with w3m-img. + * new option for LiveHTTPHeaders-like logs. + * new option to fontify , , , and so on. + * avoid errors in "configure" and "make". + * '\n' handling in attributes' values of HTML tags. +- Enabled console mouse support via gpm. + +------------------------------------------------------------------- +Mon Apr 2 01:11:30 CEST 2007 - ro@suse.de + +- added ncurses-devel to buildreq + +------------------------------------------------------------------- +Fri Feb 16 15:45:41 CET 2007 - od@suse.de + +- change the default for the option "Use ASCII equivalents to + display entities" from YES to NO. (#247397) + +------------------------------------------------------------------- +Thu Jan 4 20:00:47 CET 2007 - max@suse.de + +- Fixed a format string problem that led to a crash. + (#230775, CVE-2006-6772) +- Made sure everything gets compiled with RPM_OPT_FLAGS. +- Enabled inline images on frame buffer consoles. + +------------------------------------------------------------------- +Sat Mar 18 03:31:30 CET 2006 - od@suse.de + +- fixes for w3m-0.4.1-session-mgmt.dif: + - longer session names: increase filename length for session + files from 30 to 249 + - fix buffer-overrun in several strncat() + - report errors other than ENOENT when opening session and + history files + +------------------------------------------------------------------- +Wed Jan 25 21:42:44 CET 2006 - mls@suse.de + +- converted neededforbuild to BuildRequires + +------------------------------------------------------------------- +Wed Apr 27 16:25:19 CEST 2005 - ro@suse.de + +- remove boehm-gc from nfb (dropped) +- use private copy of gc6.4 + +------------------------------------------------------------------- +Fri Aug 13 04:31:47 CEST 2004 - mmj@suse.de + +- Don't --enable-messagel10n since it breaks w3m and makes every- + thing Japanese [#43750] + +------------------------------------------------------------------- +Mon May 3 09:41:59 CEST 2004 - mmj@suse.de + +- Update to 0.5.1 + +------------------------------------------------------------------- +Tue Apr 13 15:14:01 CEST 2004 - mmj@suse.de + +- Update to 0.5 which merges the -m17 part, and also adds + auto{make,conf} support. +- Use %_lib + +------------------------------------------------------------------- +Mon Mar 22 08:52:50 CET 2004 - mmj@suse.de + +- Fix illegal prefetch instructions on intel 64-bit platform [#36352] + +------------------------------------------------------------------- +Tue Feb 17 20:43:26 CET 2004 - kukuk@suse.de + +- Remove s390x ulimit hack (does not work as normal user) + +------------------------------------------------------------------- +Tue Feb 3 17:09:51 CET 2004 - mmj@suse.de + +- Compile with -fno-strict-aliasing + +------------------------------------------------------------------- +Sat Jan 10 16:56:28 CET 2004 - adrian@suse.de + +- add %defattr + +------------------------------------------------------------------- +Fri Oct 10 11:48:45 CEST 2003 - od@suse.de + +- added new option "-session=" which implements simple + session management + +------------------------------------------------------------------- +Mon Aug 18 17:37:27 CEST 2003 - uli@suse.de + +- replaced Boehm GC with a more recent version that works on s390x, + ppc64 (obsoletes w3m-0.3.1-x86_64.dif) + +------------------------------------------------------------------- +Fri Jul 25 18:49:59 CEST 2003 - poeml@suse.de + +- switch to w3m-m17n sources (w3m-0.4.1-m17n-20030308) for its + UTF-8 support, and no longer build the extra w3mj binary +- get rid of -m17n suffix +- add patch by Bjoern Jacke to automatically follow locale +- install the cgi's in /usr/lib/w3m/cgi-bin + +------------------------------------------------------------------- +Thu Jul 24 14:45:45 CEST 2003 - poeml@suse.de + +- update to 0.4.1 + - tab browsing + * rc: open_tab_blank, close_tab_back + * func: CLOSE_TAB, NEW_TAB, NEXT_TAB, PREV_TAB, + * func: TAB_GOTO, TAB_GOTO_RELATIVE + * func: TAB_LEFT, TAB_LINK, TAB_MENU, TAB_RIGHT + * func: CLOSE_TAB_MOUSE, MENU_MOUSE, MOVE_MOUSE, TAB_MOUSE + * rc: open_tab_dl_list + * func: DOWNLOAD_LIST + - wheel scrolling + * rc: relative_wheel_scroll + * rc: relative_wheel_scroll_ratio + * rc: fixed_wheel_scroll_count + - https proxy + * env: https_proxy + * rc: https_proxy + - form filling + * pre_form: ~/.w3m/pre_form + * rc: pre_form_file: pre_form configuration file + - building + * separate auxbindir and libdir (local-CGI, file:///$LIB/) + * configure: -auxbindir + - misc + * options: -show-option + * 2 stroke keybinding + * rc: use_proxy + * rc: preserve_timestamp + * rc: fold_line + * local cookie: passed via file named $LOCAL_COOKIE or posted not in url query + * URL data: support + * URL news:, nntp: newsgroup support + * rc: nntpserver, nntpmode, max_news + * rc: graphic_char + * func: REDO, UNDO + * func: LIST, LIST_MENU, MOVE_LIST_MENU + * func: ACCESSKEY, LINK_MENU + * rc: display_ins_del + * func: MULTIMAP + * options: -N + * func: NEXT, PREV + * rc: image_map_list + * rc: decode_url + * func: RESHAPE + * func: SEARCH can take arg + * rc: disable_secret_security_check (for windows?) + - w3m-0.2.1-ia64.dif seems obsolete + - re-diff textarea-segfault.dif, it seems still needed + - package some of the new Bonus cgi's + +------------------------------------------------------------------- +Fri Jun 13 09:34:16 CEST 2003 - kukuk@suse.de + +- Add missing directories to filelist + +------------------------------------------------------------------- +Mon Feb 24 20:52:47 CET 2003 - poeml@suse.de + +- add fix for segfault that can occur when editing a textarea field + with vi, and returning to w3m (it seems to happen if the terminal + is not writable, as when using w3m after 'su - some_user') [#17597] + +------------------------------------------------------------------- +Thu Jan 16 00:03:13 CET 2003 - adrian@suse.de + +- do not package files from sub package also into main package + (no more X11 dependency on main package) +- package also man pages + +------------------------------------------------------------------- +Thu Dec 5 18:24:48 CET 2002 - poeml@suse.de + +- update to 0.3.2.2 + * security fix: html_quote for img alt attributes + * security fix: html_quote for frame contents + * backport from w3m 0.3.2+cvs + - fix segmentation fault by large complex table. + [w3m-dev 03371][w3m-dev 03438] + +------------------------------------------------------------------- +Mon Nov 4 19:27:06 CET 2002 - poeml@suse.de + +- update to 0.3.2 (which has framebuffer console image support, but + we don't build it because the permissions of /dev/fb* can only be + set globally) +- w3mimgsize ceased to exist +- add w3mman, a pretty handy man page browser + +------------------------------------------------------------------- +Thu Aug 15 12:59:39 CEST 2002 - schwab@suse.de + +- Fix compilation on ia64. + +------------------------------------------------------------------- +Wed Aug 7 16:21:35 CEST 2002 - poeml@suse.de + +- fixed for s390x + - set ulimit -v unlimited otherwise the mktable helper segfaults +- apply lib64 patch on all architectures + +------------------------------------------------------------------- +Tue Jul 16 12:03:47 CEST 2002 - poeml@suse.de + +- define konqueror instead of mozilla as default external browser +- no path needed for external helpers + +------------------------------------------------------------------- +Mon Jul 15 23:21:41 CEST 2002 - poeml@suse.de + +- update to version 0.3.1. +- cookie handling: don't treat toplevel domains with 2 letters + different from ones with 3 letters ("special domain check"), by + don't allowing domain= values with 2 periods in a Set-Cookie + header (why should a cookie from .ebay.de be invalid, while the + same cookie from .ebay.com is not?) +- allow to configure the "accept" option for bad cookies +- define mozilla instead of netscape as default external browser +- show configuration in build log +- don't explicitely -I/usr/include, avoid nasty compiler warnings +- use RPM_OPT_FLAGS + +------------------------------------------------------------------- +Sun Jul 7 22:32:58 CEST 2002 - schwab@suse.de + +- Update to version 0.3. + +------------------------------------------------------------------- +Wed May 29 01:30:18 CEST 2002 - ro@suse.de + +- first hack to work on x86_64 + +------------------------------------------------------------------- +Tue May 21 19:05:32 CEST 2002 - poeml@suse.de + +- fix wrong configuration which broke HTML text area editing + (editor was set to -O) (#16260) + +------------------------------------------------------------------- +Thu May 16 14:10:11 CEST 2002 - poeml@suse.de + +- split off a w3m-inline-image subpackage to avoid the main package + RPM dependency on X stuff + +------------------------------------------------------------------- +Sat Feb 2 17:47:00 CET 2002 - poeml@suse.de + +- update to 0.2.5: + * RFC2617: HTTP Digest authentication + * rc: default_url=0(empty) 1(current URL) 2(link URL) + * GOTO_RELATIVE (M-u) + * highlight for incremental search + * support migemo (romaji search) + * use w3mmail.cgi for mailto: URL + * support external URI loader + * support -dump_extra ftp:// + * new regex implementation +- update inline image patch to w3m-0.2.5-img-2.2.patch.bz2 +- add WWW-Authenticate.dif (makes w3m recognize WWW-Authenticate: + token in lower case) + +------------------------------------------------------------------- +Fri Feb 1 00:26:08 CET 2002 - ro@suse.de + +- changed neededforbuild to + +------------------------------------------------------------------- +Thu Jan 24 19:31:59 CET 2002 - poeml@suse.de + +- update to 0.2.4 +- use updated inline image patch w3m-0.2.4-img-1.18.patch.gz + +------------------------------------------------------------------- +Wed Nov 28 23:41:59 CET 2001 - mfabian@suse.de + +- add patch for inline images (tweaked to work with + w3m-0.2.2-inu-1.1 by , + originally from http://www2u.biglobe.ne.jp/~hsaka/w3m/patch/) + +------------------------------------------------------------------- +Fri Nov 23 01:20:29 CET 2001 - poeml@suse.de + +- update to w3m-0.2.2-inu-1.1. This time, the included gc is new + enough (6.1alpha2), so we don't need to supply another one. + +------------------------------------------------------------------- +Mon Nov 12 13:22:04 CET 2001 - schwab@suse.de + +- Fix for ia64. + +------------------------------------------------------------------- +Wed Oct 31 19:59:05 CET 2001 - poeml@suse.de + +- update to w3m-0.2.1-inu-1.5. This includes almost all patches + posted to w3m-dev ML and w3m-dev-en ML in Oct. For details, see: + http://mi.med.tohoku.ac.jp/~satodai/w3m/inu/200110/index.en.html + +------------------------------------------------------------------- +Tue Oct 30 14:19:46 CET 2001 - poeml@suse.de + +- update to latest version: w3m-0.2.1-inu-1.4 [w3m-dev-en 00596] + (it is semi-official, but all developers use that one) +- drop all patches since they are now included +- w3m ships with current gc now, but update to gc6.0alpha9 which + has some s390 patches + +------------------------------------------------------------------- +Tue Aug 28 11:48:03 CEST 2001 - poeml@suse.de + +- add w3m-0.2.1-javascript-hide.dif from author to hide javascript + statements even if they are inside table tags +- apply forgotten relURL patch + +------------------------------------------------------------------- +Thu Jun 28 14:29:11 CEST 2001 - poeml@suse.de + +- security fix: w3m-0.2.1-mimehead-buf.dif to prevent possible + buffer overflow when parsing malformed URLs +- add patch that allows key mappings with a count +- spec file cleanup + +------------------------------------------------------------------- +Wed Apr 4 21:42:29 CEST 2001 - poeml@suse.de + +- add patch to help with pages containing javascript + +------------------------------------------------------------------- +Wed Apr 4 13:29:12 CEST 2001 - poeml@suse.de + +- update to w3m-0.2.1 +- as before, use a newer gc on ia64 and sparc +- fix include path for gc on ia64 and sparc +- undefine INET6 on sparc: struct sockaddr_storage seems to have no + member ss_family +- fix double declaration of CMT_SSL_FORBID_METHOD +- add patch for problems caused by misunderstanding of relative + URLs +- fix Version tag (was a macro) + +------------------------------------------------------------------- +Mon Feb 19 00:25:56 CET 2001 - poeml@suse.de + +- update to 0.1.11-pre (which is actually more stable than 0.1.10) +- apply massive kokb23 patch collection +- add patch for lynx-like pauth option +- drop norman.patch +- add newer gc (6.0alpha6) for ia64 and sparc that works with + glibc-2.2.1 +- update autoconf and libtool on these archs + +------------------------------------------------------------------- +Wed Jan 31 19:23:01 CET 2001 - poeml@suse.de + +- add a version 5.1 of gc (Boehm-Weiser garbage collector) which is + patched for ia64 ( http://www.cs.berkeley.edu/projects/ + titanium/src/titaniumc/runtime/gc/ ). + don't use GC_push_other_roots() for some reason -> gc-5.1.patch + +------------------------------------------------------------------- +Tue Jan 9 17:34:22 CET 2001 - poeml@suse.de + +- removed duplicate man page in %{_defaultdocdir}/w3m/doc/ + +------------------------------------------------------------------- +Wed Dec 20 15:49:39 CET 2000 - poeml@suse.de + +- add web_browser to Provides (in sync with lynx and links) + +------------------------------------------------------------------- +Mon Dec 18 15:50:09 CET 2000 - poeml@suse.de + +- merged w3m and w3m_ssl +- added openssl to neededforbuild +- bzipped sources + +------------------------------------------------------------------- +Wed Dec 6 10:19:37 CET 2000 - poeml@suse.de + +- added japanese binary + +------------------------------------------------------------------- +Fri Oct 13 09:51:55 CEST 2000 - poeml@suse.de + +- update to 0.1.10 +- patch for perl path no longer necessary (now done by ./configure) +- fix missing ifdef JP_CHARSET +- readjust spec file to new option in ./configure +- compile with lynx-like key binding + +------------------------------------------------------------------- +Sat Sep 9 13:20:27 CEST 2000 - bjacke@suse.de + +- added Excludes with w3m_ssl + +------------------------------------------------------------------- +Mon May 15 11:45:30 CEST 2000 - kukuk@suse.de + +- Update to 0.1.9 (works on SPARC) +- Use /bin/vi for 7.0 +- Fix defines on SPARC +- Fix spec file +- Add installed scripts to filelist + +------------------------------------------------------------------- +Sun Feb 13 16:54:14 MET 2000 - mge@suse.de + +- update to 0.1.6 +- group tag + +------------------------------------------------------------------- +Tue Oct 26 05:39:06 MEST 1999 - mge@suse.de + +- initial SuSE-RPM + diff --git a/w3m.spec b/w3m.spec new file mode 100644 index 0000000..0afa5d1 --- /dev/null +++ b/w3m.spec @@ -0,0 +1,134 @@ +# +# spec file for package w3m +# +# Copyright (c) 2023 SUSE LLC +# +# All modifications and additions to the file contributed by third parties +# remain the property of their copyright owners, unless otherwise agreed +# upon. The license for this file, and modifications and additions to the +# file, is the same license as for the pristine package itself (unless the +# license for the pristine package is not an Open Source License, in which +# case the license is the MIT License). An "Open Source License" is a +# license that conforms to the Open Source Definition (Version 1.9) +# published by the Open Source Initiative. + +# Please submit bugfixes or comments via https://bugs.opensuse.org/ +# + + +Name: w3m +URL: http://w3m.sourceforge.net/ +Version: 0.5.3+git20230121 +Release: 0 +Summary: A text-based WWW browser +License: ISC +Group: Productivity/Networking/Web/Browsers + +Source0: https://salsa.debian.org/debian/w3m/-/archive/v%{version}/w3m-v%{version}.tar.bz2 +Patch0: 0001-Update-German-message-catalogue.patch +Patch1: 0001-Fix-OOB-access-due-to-multiple-backspaces.patch + +BuildRoot: %{_tmppath}/%{name}-%{version}-build +BuildRequires: gc-devel +BuildRequires: gcc-c++ +BuildRequires: gpm +BuildRequires: imlib2-devel +BuildRequires: ncurses-devel +BuildRequires: openssl-devel +BuildRequires: pkgconfig +Provides: w3m_ssl = %version +Provides: web_browser +Obsoletes: w3m_ssl < %version + +%package inline-image +Summary: An inline image extension for w3m +Group: Productivity/Networking/Web/Browsers +Requires: imlib2-loaders +Requires: w3m +Provides: w3m:/usr/%_lib/w3m/w3mimgdisplay + +%description +W3m is a pager and text-based WWW browser. It has a number of useful +features: + +* w3m can render tables + +* w3m can render frames (it converts the frames into a table) + +* SSL support + +* w3m can easily display documents from standard input + +* w3m can handle cookies + +* w3m is small + +* w3m has mouse support + +If w3m-inline-image is installed it can display graphics inside +terminals, even on the console on some platforms. + +%description inline-image +Inline image extension for w3m, the text-based WWW browser. + +When this package is installed w3m can display images inline in an X +terminal (if it runs in a graphical X Window System environment). + +%prep +%setup -q -n w3m-v%{version} +find -name CVS -exec rm -Rf "{}" "+" +%autopatch -p1 + +%build +export CFLAGS="$RPM_OPT_FLAGS -DUSE_BUFINFO -DOPENSSL_NO_SSL_INTERN -D_GNU_SOURCE $(getconf LFS_CFLAGS) -fno-strict-aliasing `ncursesw6-config --cflags` -fPIE" +export CXXFLAGS="$CFLAGS" +export LDFLAGS="`ncursesw6-config --libs` -pie" +./configure --bindir=/usr/bin \ + --with-termlib=ncursesw \ + --mandir=%_mandir \ + --libdir=%_libdir \ + --libexecdir=%_libdir \ + --prefix=/usr \ + --sysconfdir=/etc \ + --enable-ipv6 \ + --enable-alarm \ + --enable-ansi-color \ + --enable-digest-auth \ + --enable-external-uri-loader \ + --enable-gopher \ + --enable-history \ + --enable-image=x11,fb \ + --enable-keymap=lynx \ + --enable-m17n \ + --enable-mouse \ + --enable-nls \ + --enable-nntp \ + --enable-sslverify \ + --enable-unicode \ + --disable-w3mmailer +make %{?_smp_mflags} + +%install +make install install-helpfile DESTDIR=$RPM_BUILD_ROOT +install -m 755 Bonus/*.cgi $RPM_BUILD_ROOT/usr/%_lib/w3m/cgi-bin +%find_lang %{name} + +%files -f %{name}.lang +%defattr(-,root,root) +/usr/bin/w3m +/usr/bin/w3mman +%doc doc/* +%doc ChangeLog +%_mandir/de/man1/w3m* +%_libdir/w3m +%exclude %_libdir/w3m/w3mimgdisplay +%lang(ja)%doc %_mandir/ja +%doc %_mandir/man*/* +%_datadir/%name + +%files inline-image +%defattr(-,root,root) +%dir %_libdir/w3m +/usr/%_lib/w3m/w3mimgdisplay + +%changelog