Skip to content
GitLab
Explore
Sign in
Register
Primary navigation
Search or go to…
Project
aports
Manage
Activity
Members
Labels
Code
Merge requests
Repository
Branches
Commits
Tags
Repository graph
Compare revisions
Build
Pipelines
Jobs
Pipeline schedules
Artifacts
Deploy
Releases
Container Registry
Model registry
Operate
Environments
Analyze
Value stream analytics
Contributor analytics
CI/CD analytics
Repository analytics
Model experiments
Help
Help
Support
GitLab documentation
Compare GitLab plans
Community forum
Contribute to GitLab
Provide feedback
Terms and privacy
Keyboard shortcuts
?
Snippets
Groups
Projects
Show more breadcrumbs
J0WI
aports
Commits
1fad1bf1
Commit
1fad1bf1
authored
7 years ago
by
Sören Tempel
Browse files
Options
Downloads
Patches
Plain Diff
main/wget: upgrade to 1.19.2
parent
b2b1aa42
Loading
Loading
No related merge requests found
Changes
2
Hide whitespace changes
Inline
Side-by-side
Showing
2 changed files
main/wget/APKBUILD
+5
-9
5 additions, 9 deletions
main/wget/APKBUILD
main/wget/CVE-2017-6508.patch
+0
-25
0 additions, 25 deletions
main/wget/CVE-2017-6508.patch
with
5 additions
and
34 deletions
main/wget/APKBUILD
+
5
−
9
View file @
1fad1bf1
...
...
@@ -2,8 +2,8 @@
# Contributor: Carlo Landmeter <clandmeter@gmail.com>
# Maintainer: Carlo Landmeter <clandmeter@gmail.com>
pkgname
=
wget
pkgver
=
1.19.
1
pkgrel
=
2
pkgver
=
1.19.
2
pkgrel
=
0
pkgdesc
=
"A network utility to retrieve files from the Web"
url
=
"http://www.gnu.org/software/wget/wget.html"
arch
=
"all"
...
...
@@ -12,16 +12,13 @@ depends=""
makedepends
=
"libressl-dev perl"
subpackages
=
"
$pkgname
-doc"
install
=
""
source
=
"ftp://ftp.gnu.org/gnu/
$pkgname
/
$pkgname
-
$pkgver
.tar.gz
CVE-2017-6508.patch
"
source
=
"ftp://ftp.gnu.org/gnu/
$pkgname
/
$pkgname
-
$pkgver
.tar.gz "
builddir
=
"
$srcdir
/
$pkgname
-
$pkgver
"
# secfixes:
# 1.19.1-r1:
# - CVE-2017-6508
builddir
=
"
$srcdir
/
$pkgname
-
$pkgver
"
build
()
{
cd
"
$builddir
"
./configure
\
...
...
@@ -44,5 +41,4 @@ package() {
rm
-rf
"
$pkgdir
"
/usr/lib
}
sha512sums
=
"d212ce1387b8e4269c6010bd4c2b4822c14e290d2af6442f3eebe05df27433434600e8e0bdf89a3cb1b5eff1a58eca193bddeac44c1691efe44eb245c5ee7f04 wget-1.19.1.tar.gz
666b94bcba6a257be01f0d18897c13afe7dcc4eb156e7d6b386de06fdcbdd0da31a2cc7a8ffaa5108dff67872f610b9df30d0df9e8132283255ec6c608fff904 CVE-2017-6508.patch"
sha512sums
=
"a0f8afcc0767a8fd1acd64b1b1b27d177bc938e70cc3709c1b3faa6c1426ec926642cd8e49d292cec0268ee507683539b5152072110106de5a728a03efd8cedd wget-1.19.2.tar.gz"
This diff is collapsed.
Click to expand it.
main/wget/CVE-2017-6508.patch
deleted
100644 → 0
+
0
−
25
View file @
b2b1aa42
Patch source:
http://git.savannah.gnu.org/cgit/wget.git/diff/?id=4d729e322fae359a1aefaafec1144764a54e8ad4
diff --git a/src/url.c b/src/url.c
index 8f8ff0b..7d36b27 100644
--- a/src/url.c
+++ b/src/url.c
@@ -925,6 +925,17 @@
url_parse (const char *url, int *error, struct iri *iri, bool percent_encode)
url_unescape (u->host);
host_modified = true;
+ /* check for invalid control characters in host name */
+ for (p = u->host; *p; p++)
+ {
+ if (c_iscntrl(*p))
+ {
+ url_free(u);
+ error_code = PE_INVALID_HOST_NAME;
+ goto error;
+ }
+ }
+
/* Apply IDNA regardless of iri->utf8_encode status */
if (opt.enable_iri && iri)
{
This diff is collapsed.
Click to expand it.
Preview
0%
Loading
Try again
or
attach a new file
.
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Save comment
Cancel
Please
register
or
sign in
to comment
