pool/wget
SHA256
4
0
Fork 1
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Accepting request 537227 from network:utilities

Browse Source 
GNU wget 1.19.2
  * CVE-2017-13089: Stack overflow in HTTP protocol handling (bsc#1064715)
  * CVE-2017-13090: Heap overflow in HTTP protocol handling (bsc#1064716) (forwarded request 537218 from AndreasStieger)

OBS-URL: https://build.opensuse.org/request/show/537227
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/wget?expand=0&rev=50
This commit is contained in:
Dominique Leuenberger 2017-11-03 15:21:23 +00:00 committed by Git OBS Bridge
commit 77b6910e39
10 changed files with 32 additions and 60 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
wget-1.19.1.tar.xz
View File

@ -1,3 +0,0 @@
version https://git-lfs.github.com/spec/v1
oid sha256:0c950b9671881222a4d385b013c9604e98a8025d1988529dfca0e93617744cd2
size 2111756

BIN
wget-1.19.1.tar.xz.sig
View File

Binary file not shown.

3
wget-1.19.2.tar.gz Normal file
View File

@ -0,0 +1,3 @@
version https://git-lfs.github.com/spec/v1
oid sha256:4f4a673b6d466efa50fbfba796bd84a46ae24e370fa562ede5b21ab53c11a920
size 4349267

BIN
wget-1.19.2.tar.gz.sig Normal file
View File

Binary file not shown.

21
wget-416-but-file-not-complete.patch
View File

@ -1,21 +0,0 @@
Index: wget-1.19.1/src/http.c
===================================================================
--- wget-1.19.1.orig/src/http.c
+++ wget-1.19.1/src/http.c
@@ -3819,6 +3819,16 @@ gethttp (const struct url *u, struct url
}
if (statcode == HTTP_STATUS_RANGE_NOT_SATISFIABLE
+ && hs->restval < (contlen + contrange))
+ {
+ /* The file was not completely downloaded,
+ yet the server claims the range is invalid.
+ Bail out. */
+ CLOSE_INVALIDATE (sock);
+ retval = RANGEERR;
+ goto cleanup;
+ }
+ if (statcode == HTTP_STATUS_RANGE_NOT_SATISFIABLE
|| (!opt.timestamping && hs->restval > 0 && statcode == HTTP_STATUS_OK
&& contrange == 0 && contlen >= 0 && hs->restval >= contlen))
{

22
wget-CVE-2017-6508.patch
View File

@ -1,22 +0,0 @@
diff --git a/src/url.c b/src/url.c
index 8f8ff0b..7d36b27 100644
--- a/src/url.c
+++ b/src/url.c
@@ -925,6 +925,17 @@ url_parse (const char *url, int *error, struct iri *iri, bool percent_encode)
url_unescape (u->host);
host_modified = true;
+ /* check for invalid control characters in host name */
+ for (p = u->host; *p; p++)
+ {
+ if (c_iscntrl(*p))
+ {
+ url_free(u);
+ error_code = PE_INVALID_HOST_NAME;
+ goto error;
+ }
+ }
+
/* Apply IDNA regardless of iri->utf8_encode status */
if (opt.enable_iri && iri)
{

12
wget-errno-clobber.patch
View File

@ -1,8 +1,8 @@
Index: wget-1.18/src/http.c Index: wget-1.19.2/src/http.c
=================================================================== ===================================================================
--- wget-1.18.orig/src/http.c --- wget-1.19.2.orig/src/http.c 2017-10-26 17:30:08.000000000 +0200
+++ wget-1.18/src/http.c +++ wget-1.19.2/src/http.c 2017-10-27 17:59:48.659093393 +0200
@@ -1516,6 +1516,7 @@ persistent_available_p (const char *host @@ -1524,6 +1524,7 @@ persistent_available_p (const char *host
active, registered connection". */ active, registered connection". */
#define CLOSE_FINISH(fd) do { \ #define CLOSE_FINISH(fd) do { \
@ -10,7 +10,7 @@ Index: wget-1.18/src/http.c
if (!keep_alive) \ if (!keep_alive) \
{ \ { \
if (pconn_active && (fd) == pconn.socket) \ if (pconn_active && (fd) == pconn.socket) \
@@ -1524,14 +1525,17 @@ persistent_available_p (const char *host @@ -1532,14 +1533,17 @@ persistent_available_p (const char *host
fd_close (fd); \ fd_close (fd); \
fd = -1; \ fd = -1; \
} \ } \
@ -27,4 +27,4 @@ Index: wget-1.18/src/http.c
+ errno = errno_sav; \ + errno = errno_sav; \
} while (0) } while (0)
struct http_stat typedef enum

19
wget.changes
View File

@ -1,3 +1,22 @@
-------------------------------------------------------------------
Fri Oct 27 16:05:55 UTC 2017 - astieger@suse.com
- GNU wget 1.19.2:
* CVE-2017-13089: Stack overflow in HTTP protocol handling (bsc#1064715)
* CVE-2017-13090: Heap overflow in HTTP protocol handling (bsc#1064716)
* New option --compression for gzip Content-Encoding
* New option --[no]-netrc to control .netrc parsing
* Added GNU extensions to .netrc parsing
* Improved IDNA 2003 compatibility
* Fix VPATH issues
* Improved and extended the test suite
* Support Wayback Machine's X-Archive-Orig-last-modified
* Several bug fixes
- drop upstreamed patches:
* wget-CVE-2017-6508.patch
* wget-416-but-file-not-complete.patch
- unfuzz wget-errno-clobber.patch
------------------------------------------------------------------- -------------------------------------------------------------------
Thu Sep 21 06:45:00 UTC 2017 - josef.moellers@suse.com Thu Sep 21 06:45:00 UTC 2017 - josef.moellers@suse.com

BIN
wget.keyring
View File

Binary file not shown.

12
wget.spec
View File

@ -1,7 +1,7 @@
# #
# spec file for package wget # spec file for package wget
# #
# Copyright (c) 2017 SUSE LINUX Products GmbH, Nuernberg, Germany. # Copyright (c) 2017 SUSE LINUX GmbH, Nuernberg, Germany.
# #
# All modifications and additions to the file contributed by third parties # All modifications and additions to the file contributed by third parties
# remain the property of their copyright owners, unless otherwise agreed # remain the property of their copyright owners, unless otherwise agreed
@ -18,14 +18,14 @@
%bcond_with regression_tests %bcond_with regression_tests
Name: wget Name: wget
Version: 1.19.1 Version: 1.19.2
Release: 0 Release: 0
Summary: A Tool for Mirroring FTP and HTTP Servers Summary: A Tool for Mirroring FTP and HTTP Servers
License: GPL-3.0+ License: GPL-3.0+
Group: Productivity/Networking/Web/Utilities Group: Productivity/Networking/Web/Utilities
Url: https://www.gnu.org/software/wget/ Url: https://www.gnu.org/software/wget/
Source: https://ftp.gnu.org/gnu/wget/%{name}-%{version}.tar.xz Source: https://ftp.gnu.org/gnu/wget/%{name}-%{version}.tar.gz
Source1: https://ftp.gnu.org/gnu/wget/%{name}-%{version}.tar.xz.sig Source1: https://ftp.gnu.org/gnu/wget/%{name}-%{version}.tar.gz.sig
Source2: https://savannah.gnu.org/project/memberlist-gpgkeys.php?group=wget&download=1#/wget.keyring Source2: https://savannah.gnu.org/project/memberlist-gpgkeys.php?group=wget&download=1#/wget.keyring
Patch0: wgetrc.patch Patch0: wgetrc.patch
Patch1: wget-libproxy.patch Patch1: wget-libproxy.patch
@ -33,8 +33,6 @@ Patch6: wget-1.14-no-ssl-comp.patch
# PATCH-FIX-OPENSUSE fix pod syntax for perl 5.18 coolo@suse.de # PATCH-FIX-OPENSUSE fix pod syntax for perl 5.18 coolo@suse.de
Patch7: wget-fix-pod-syntax.diff Patch7: wget-fix-pod-syntax.diff
Patch8: wget-errno-clobber.patch Patch8: wget-errno-clobber.patch
Patch9: wget-CVE-2017-6508.patch
Patch10: wget-416-but-file-not-complete.patch
BuildRequires: automake BuildRequires: automake
BuildRequires: gpgme-devel >= 0.4.2 BuildRequires: gpgme-devel >= 0.4.2
BuildRequires: libcares-devel BuildRequires: libcares-devel
@ -81,8 +79,6 @@ This can be done in script files or via the command line.
%patch6 %patch6
%patch7 -p1 %patch7 -p1
%patch8 -p1 %patch8 -p1
%patch9 -p1
%patch10 -p1
%build %build
%if 0%{?suse_version} > 1110 %if 0%{?suse_version} > 1110