rpms/w3m/F-13 w3m-0.5.2-nulcn.patch, NONE, 1.1 w3m-0.5.2-ssl_verify_server_on.patch, NONE, 1.1 w3m.spec, 1.59, 1.60

pnemade pnemade at fedoraproject.org
Thu Jun 17 10:23:47 UTC 2010


Author: pnemade

Update of /cvs/pkgs/rpms/w3m/F-13
In directory cvs01.phx2.fedoraproject.org:/tmp/cvs-serv3680

Modified Files:
	w3m.spec 
Added Files:
	w3m-0.5.2-nulcn.patch w3m-0.5.2-ssl_verify_server_on.patch 
Log Message:
* Thu Jun 17 2010 Parag <pnemade AT redhat.com> - 0.5.2-18
- Resolves:rh#604864-CVE-2010-2074 w3m: doesn't handle NULL in Common Name properly



w3m-0.5.2-nulcn.patch:
 istream.c |   28 ++++++++++++++++++++++++----
 1 file changed, 24 insertions(+), 4 deletions(-)

--- NEW FILE w3m-0.5.2-nulcn.patch ---
Index: w3m-0.5.2/istream.c
===================================================================
--- w3m-0.5.2.orig/istream.c
+++ w3m-0.5.2/istream.c
@@ -447,8 +447,17 @@ ssl_check_cert_ident(X509 * x, char *hos
 
 		    if (!seen_dnsname)
 			seen_dnsname = Strnew();
+		    /* replace \0 to make full string visible to user */
+		    if (sl != strlen(sn)) {
+			int i;
+			for (i = 0; i < sl; ++i) {
+			    if (!sn[i])
+				sn[i] = '!';
+			}
+		    }
 		    Strcat_m_charp(seen_dnsname, sn, " ", NULL);
-		    if (ssl_match_cert_ident(sn, sl, hostname))
+		    if (sl == strlen(sn) /* catch \0 in SAN */
+			&& ssl_match_cert_ident(sn, sl, hostname))
 			break;
 		}
 	    }
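Review bot: The `sl == strlen(sn)` guard in the `if` before `break` runs after the loop above has already overwritten every embedded `\0` in `sn` with `!`, so, assuming `sn` is terminated at offset `sl`, the two lengths are equal again by then and the guard no longer rejects the name. Rejection then depends only on `ssl_match_cert_ident` failing on the `!` bytes. Record the result before rewriting, e.g. `int has_nul = (sl != strlen(sn));`, run the loop under `if (has_nul)`, and test `if (!has_nul && ssl_match_cert_ident(sn, sl, hostname))`. The loop also writes through `sn`; if that pointer refers to the certificate's own storage (its origin is outside this hunk), editing a copy would be safer. `ssl_check_cert_ident` begins and ends outside the hunk.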
@@ -466,16 +475,27 @@ ssl_check_cert_ident(X509 * x, char *hos
     if (match_ident == FALSE && ret == NULL) {
 	X509_NAME *xn;
 	char buf[2048];
+	int slen;
 
 	xn = X509_get_subject_name(x);
 
-	if (X509_NAME_get_text_by_NID(xn, NID_commonName,
-				      buf, sizeof(buf)) == -1)
+	slen = X509_NAME_get_text_by_NID(xn, NID_commonName, buf, sizeof(buf));
+	if ( slen == -1)
 	    /* FIXME: gettextize? */
 	    ret = Strnew_charp("Unable to get common name from peer cert");
-	else if (!ssl_match_cert_ident(buf, strlen(buf), hostname))
+	else if (slen != strlen(buf)
+		|| !ssl_match_cert_ident(buf, strlen(buf), hostname)) {
+	    /* replace \0 to make full string visible to user */
+	    if (slen != strlen(buf)) {
+		int i;
+		for (i = 0; i < slen; ++i) {
+		    if (!buf[i])
+			buf[i] = '!';
+		}
+	    }
 	    /* FIXME: gettextize? */
 	    ret = Sprintf("Bad cert ident %s from %s", buf, hostname);
+	}
 	else
 	    match_ident = TRUE;
     }
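Review bot: The replacement loop rewrites only NUL bytes, and only when `slen != strlen(buf)`, so every other control byte in the certificate's common name is copied unchanged into the `Bad cert ident %s from %s` message. If `ret` is later written to the terminal (that path is outside this hunk), the peer controls those bytes; running the loop unconditionally with `if (iscntrl((unsigned char)buf[i])) buf[i] = '!';` would cover NUL and the rest. The SAN loop in the first hunk of this patch has the same limitation for `seen_dnsname`. `slen != strlen(buf)` is also evaluated twice and compares an `int` with a `size_t`; a single `size_t cnlen = strlen(buf);` would serve both tests and the `ssl_match_cert_ident` call.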

w3m-0.5.2-ssl_verify_server_on.patch:
 fm.h |    4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

--- NEW FILE w3m-0.5.2-ssl_verify_server_on.patch ---
verify SSL certificates by default. SSL support really is pointless without doing that.
Also disable use of SSLv2 by default as it's insecure, deprecated, dead since last century.
Index: w3m-0.5.2/fm.h
===================================================================
--- w3m-0.5.2.orig/fm.h
+++ w3m-0.5.2/fm.h
@@ -1120,7 +1120,7 @@ global int view_unseenobject init(TRUE);
 #endif
 
 #if defined(USE_SSL) && defined(USE_SSL_VERIFY)
-global int ssl_verify_server init(FALSE);
+global int ssl_verify_server init(TRUE);
 global char *ssl_cert_file init(NULL);
 global char *ssl_key_file init(NULL);
 global char *ssl_ca_path init(NULL);
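Review bot: `ssl_verify_server` now defaults to TRUE while `ssl_ca_path` two lines below still defaults to NULL, and nothing in this hunk points verification at a trust store. Unless the connection code falls back to the OpenSSL default certificate locations (not visible here), HTTPS fetches would fail verification out of the box, which tends to push users into switching the option off again. It is worth confirming that fallback, or giving the CA path or file a packaged default in the same patch. The block is compiled only when `USE_SSL_VERIFY` is defined, so the build should be checked to define it.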
@@ -1129,7 +1129,7 @@ global int ssl_path_modified init(FALSE)
 #endif				/* defined(USE_SSL) &&
 				 * defined(USE_SSL_VERIFY) */
 #ifdef USE_SSL
-global char *ssl_forbid_method init(NULL);
+global char *ssl_forbid_method init("2");
 #endif
 
 global int is_redisplay init(FALSE);
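Review bot: The new default `init("2")` carries no explanation of what the string means; a comment such as `/* "2" forbids SSLv2; see the ssl_forbid_method option */` would keep the next reader from guessing. Going by the patch description the value disables only SSLv2, so SSLv3 stays enabled by default. If the intent is to drop obsolete protocol versions, that choice deserves a line in the description as well.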


Index: w3m.spec
===================================================================
RCS file: /cvs/pkgs/rpms/w3m/F-13/w3m.spec,v
retrieving revision 1.59
retrieving revision 1.60
diff -u -p -r1.59 -r1.60
--- w3m.spec	17 Feb 2010 08:54:07 -0000	1.59
+++ w3m.spec	17 Jun 2010 10:23:46 -0000	1.60
@@ -5,7 +5,7 @@
 
 Name:     w3m
 Version:  0.5.2
-Release:  17%{?dist}
+Release:  18%{?dist}
 License:  MIT
 URL:      http://w3m.sourceforge.net/
 BuildRoot:     %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n)
@@ -36,7 +36,10 @@ Patch1:  w3m-0.5.1-gcc4.patch
 Patch2:  w3m-0.5.2-multilib.patch
 Patch3:  bug_555467_FTBFS.patch
 Patch4:  bug_566101_Fix-DSO-X11.patch
- 
+Patch5:  w3m-0.5.2-nulcn.patch
+Patch6:  w3m-0.5.2-ssl_verify_server_on.patch
+
+
 Summary:  A pager with Web browsing abilities
 Group:    Applications/Internet
 Provides:  webclient
@@ -75,6 +78,8 @@ chmod 755 doc-jp
 %patch2 -p1
 %patch3 -p0
 %patch4 -p0
+%patch5 -p1
+%patch6 -p1
 
 %if %{with_utf8}
 pushd doc-jp
@@ -144,6 +149,9 @@ rm -rf $RPM_BUILD_ROOT
 %{_libexecdir}/w3m/w3mimgdisplay
 
 %changelog
+* Thu Jun 17 2010 Parag <pnemade AT redhat.com> - 0.5.2-18
+- Resolves:rh#604864-CVE-2010-2074 w3m: doesn't handle NULL in Common Name properly 
+
 * Wed Feb 17 2010 Parag <pnemade AT redhat.com> - 0.5.2-17
 - Resolves:rh#566101-FTBFS w3m-0.5.2-16.fc13: ImplicitDSOLinking 
 


