This commit is contained in:
parent
7fba2a2446
commit
fb41fcc519
16
wget-CVE-2006-6719.patch
Normal file
16
wget-CVE-2006-6719.patch
Normal file
@ -0,0 +1,16 @@
|
||||
Fixes NULL pointer dereference (CVE-2006-6719)
|
||||
|
||||
================================================================================
|
||||
--- src/ftp-basic.c
|
||||
+++ src/ftp-basic.c
|
||||
@@ -1039,7 +1039,9 @@
|
||||
first word of the server response)? */
|
||||
request = strtok (NULL, " ");
|
||||
|
||||
- if (!strcasecmp (request, "VMS"))
|
||||
+ if (request == NULL)
|
||||
+ *server_type = ST_OTHER;
|
||||
+ else if (!strcasecmp (request, "VMS"))
|
||||
*server_type = ST_VMS;
|
||||
else if (!strcasecmp (request, "UNIX"))
|
||||
*server_type = ST_UNIX;
|
@ -1,3 +1,8 @@
|
||||
-------------------------------------------------------------------
|
||||
Wed Mar 28 19:13:11 CEST 2007 - max@suse.de
|
||||
|
||||
- Fixes a null pointer dereference (#231063, CVE-2006-6719)
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Thu Jun 22 14:53:07 CEST 2006 - max@suse.de
|
||||
|
||||
|
12
wget.spec
12
wget.spec
@ -1,7 +1,7 @@
|
||||
#
|
||||
# spec file for package wget (Version 1.10.2)
|
||||
#
|
||||
# Copyright (c) 2006 SUSE LINUX Products GmbH, Nuernberg, Germany.
|
||||
# Copyright (c) 2007 SUSE LINUX Products GmbH, Nuernberg, Germany.
|
||||
# This file and all modifications and additions to the pristine
|
||||
# package are under the same license as the package itself.
|
||||
#
|
||||
@ -13,11 +13,11 @@
|
||||
Name: wget
|
||||
BuildRequires: libpng-devel openssl-devel
|
||||
URL: http://wget.sunsite.dk/
|
||||
License: GPL
|
||||
License: GNU General Public License (GPL)
|
||||
Group: Productivity/Networking/Web/Utilities
|
||||
Autoreqprov: on
|
||||
Version: 1.10.2
|
||||
Release: 15
|
||||
Release: 46
|
||||
Summary: A Tool for Mirroring FTP and HTTP Servers
|
||||
Source: %name-%version.tar.bz2
|
||||
Patch: nops_doc.diff
|
||||
@ -28,6 +28,7 @@ Patch6: wget-1.10-fnmatch.diff
|
||||
Patch7: wget-1.10.1-strict-aliasing.diff
|
||||
Patch8: wget-ftp-restart.patch
|
||||
Patch9: wget-CAN-2004-1488.patch
|
||||
Patch10: wget-CVE-2006-6719.patch
|
||||
BuildRoot: %{_tmppath}/%{name}-%{version}-build
|
||||
PreReq: %install_info_prereq
|
||||
|
||||
@ -51,6 +52,7 @@ Authors:
|
||||
%patch7 -p1
|
||||
%patch8
|
||||
%patch9
|
||||
%patch10
|
||||
rename no nb $RPM_BUILD_DIR/wget*/po/no.*
|
||||
|
||||
%build
|
||||
@ -91,7 +93,9 @@ rm -rf $RPM_BUILD_ROOT;
|
||||
%{_bindir}/*
|
||||
%{_datadir}/locale/*/*/*
|
||||
|
||||
%changelog -n wget
|
||||
%changelog
|
||||
* Wed Mar 28 2007 - max@suse.de
|
||||
- Fixes a null pointer dereference (#231063, CVE-2006-6719)
|
||||
* Thu Jun 22 2006 - max@suse.de
|
||||
- Removed the unneeded fix for CAN-2004-1487
|
||||
(bugs #179369 and #185214).
|
||||
|
Loading…
Reference in New Issue
Block a user