rpms/w3m/F-12 bug_566101_Fix-DSO-X11.patch, NONE, 1.1 w3m-0.5.2-nulcn.patch, NONE, 1.1 w3m-0.5.2-ssl_verify_server_on.patch, NONE, 1.1 w3m.spec, 1.57, 1.58
pnemade
pnemade at fedoraproject.org
Thu Jun 24 06:18:07 UTC 2010
Author: pnemade
Update of /cvs/pkgs/rpms/w3m/F-12
In directory cvs01.phx2.fedoraproject.org:/tmp/cvs-serv27341
Modified Files:
w3m.spec
Added Files:
bug_566101_Fix-DSO-X11.patch w3m-0.5.2-nulcn.patch
w3m-0.5.2-ssl_verify_server_on.patch
Log Message:
* Thu Jun 24 2010 Parag <pnemade AT redhat.com> - 0.5.2-17
- Resolves:rh#604864-CVE-2010-2074 w3m: doesn't handle NULL in Common Name properly
bug_566101_Fix-DSO-X11.patch:
Makefile.in | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
--- NEW FILE bug_566101_Fix-DSO-X11.patch ---
--- Makefile.in.old 2007-05-29 17:31:04.000000000 +0530
+++ Makefile.in 2010-02-17 14:19:08.000000000 +0530
@@ -193,7 +193,7 @@
$(CC) $(CFLAGS) -DDUMMY -c -o $@ $?
$(IMGDISPLAY): w3mimgdisplay.o $(ALIB) w3mimg/w3mimg.a
- $(CC) $(CFLAGS) -o $(IMGDISPLAY) w3mimgdisplay.o w3mimg/w3mimg.a $(LDFLAGS) $(LIBS) $(IMGLDFLAGS)
+ $(CC) $(CFLAGS) -o $(IMGDISPLAY) w3mimgdisplay.o w3mimg/w3mimg.a $(LDFLAGS) $(LIBS) $(IMGLDFLAGS) -lX11
w3mimgdisplay.o: w3mimgdisplay.c w3mimg/w3mimg.h
$(CC) $(CFLAGS) $(IMGCFLAGS) -o $@ -c $(srcdir)/w3mimgdisplay.c
w3m-0.5.2-nulcn.patch:
istream.c | 28 ++++++++++++++++++++++++----
1 file changed, 24 insertions(+), 4 deletions(-)
--- NEW FILE w3m-0.5.2-nulcn.patch ---
Index: w3m-0.5.2/istream.c
===================================================================
--- w3m-0.5.2.orig/istream.c
+++ w3m-0.5.2/istream.c
@@ -447,8 +447,17 @@ ssl_check_cert_ident(X509 * x, char *hos
if (!seen_dnsname)
seen_dnsname = Strnew();
+ /* replace \0 to make full string visible to user */
+ if (sl != strlen(sn)) {
+ int i;
+ for (i = 0; i < sl; ++i) {
+ if (!sn[i])
+ sn[i] = '!';
+ }
+ }
Strcat_m_charp(seen_dnsname, sn, " ", NULL);
- if (ssl_match_cert_ident(sn, sl, hostname))
+ if (sl == strlen(sn) /* catch \0 in SAN */
+ && ssl_match_cert_ident(sn, sl, hostname))
break;
}
}
@@ -466,16 +475,27 @@ ssl_check_cert_ident(X509 * x, char *hos
if (match_ident == FALSE && ret == NULL) {
X509_NAME *xn;
char buf[2048];
+ int slen;
xn = X509_get_subject_name(x);
- if (X509_NAME_get_text_by_NID(xn, NID_commonName,
- buf, sizeof(buf)) == -1)
+ slen = X509_NAME_get_text_by_NID(xn, NID_commonName, buf, sizeof(buf));
+ if ( slen == -1)
/* FIXME: gettextize? */
ret = Strnew_charp("Unable to get common name from peer cert");
- else if (!ssl_match_cert_ident(buf, strlen(buf), hostname))
+ else if (slen != strlen(buf)
+ || !ssl_match_cert_ident(buf, strlen(buf), hostname)) {
+ /* replace \0 to make full string visible to user */
+ if (slen != strlen(buf)) {
+ int i;
+ for (i = 0; i < slen; ++i) {
+ if (!buf[i])
+ buf[i] = '!';
+ }
+ }
/* FIXME: gettextize? */
ret = Sprintf("Bad cert ident %s from %s", buf, hostname);
+ }
else
match_ident = TRUE;
}
w3m-0.5.2-ssl_verify_server_on.patch:
fm.h | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
--- NEW FILE w3m-0.5.2-ssl_verify_server_on.patch ---
verify SSL certificates by default. SSL support really is pointless without doing that.
Also disable use of SSLv2 by default as it's insecure, deprecated, dead since last century.
Index: w3m-0.5.2/fm.h
===================================================================
--- w3m-0.5.2.orig/fm.h
+++ w3m-0.5.2/fm.h
@@ -1120,7 +1120,7 @@ global int view_unseenobject init(TRUE);
#endif
#if defined(USE_SSL) && defined(USE_SSL_VERIFY)
-global int ssl_verify_server init(FALSE);
+global int ssl_verify_server init(TRUE);
global char *ssl_cert_file init(NULL);
global char *ssl_key_file init(NULL);
global char *ssl_ca_path init(NULL);
@@ -1129,7 +1129,7 @@ global int ssl_path_modified init(FALSE)
#endif /* defined(USE_SSL) &&
* defined(USE_SSL_VERIFY) */
#ifdef USE_SSL
-global char *ssl_forbid_method init(NULL);
+global char *ssl_forbid_method init("2");
#endif
global int is_redisplay init(FALSE);
Index: w3m.spec
===================================================================
RCS file: /cvs/pkgs/rpms/w3m/F-12/w3m.spec,v
retrieving revision 1.57
retrieving revision 1.58
diff -u -p -r1.57 -r1.58
--- w3m.spec 21 Aug 2009 16:24:33 -0000 1.57
+++ w3m.spec 24 Jun 2010 06:18:06 -0000 1.58
@@ -5,7 +5,7 @@
Name: w3m
Version: 0.5.2
-Release: 15%{?dist}
+Release: 17%{?dist}
License: MIT
URL: http://w3m.sourceforge.net/
BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n)
@@ -31,9 +31,12 @@ Source14: filter-requires-w3m.sh
%define __find_requires %{SOURCE14}
## fix patch
-Patch15: w3m-0.4.1-helpcharset.patch
-Patch21: w3m-0.5.1-gcc4.patch
-Patch24: w3m-0.5.2-multilib.patch
+Patch0: w3m-0.4.1-helpcharset.patch
+Patch1: w3m-0.5.1-gcc4.patch
+Patch2: w3m-0.5.2-multilib.patch
+Patch4: bug_566101_Fix-DSO-X11.patch
+Patch5: w3m-0.5.2-nulcn.patch
+Patch6: w3m-0.5.2-ssl_verify_server_on.patch
Summary: A pager with Web browsing abilities
Group: Applications/Internet
@@ -68,9 +71,12 @@ linux framebuffer.
chmod 755 doc
chmod 755 doc-jp
-%patch15 -p1
-%patch21 -p1
-%patch24 -p1
+%patch0 -p1
+%patch1 -p1
+%patch2 -p1
+%patch4 -p0
+%patch5 -p1
+%patch6 -p1
%if %{with_utf8}
pushd doc-jp
@@ -140,6 +146,12 @@ rm -rf $RPM_BUILD_ROOT
%{_libexecdir}/w3m/w3mimgdisplay
%changelog
+* Thu Jun 24 2010 Parag <pnemade AT redhat.com> - 0.5.2-17
+- Resolves:rh#604864-CVE-2010-2074 w3m: doesn't handle NULL in Common Name properly
+
+* Wed Feb 17 2010 Parag <pnemade AT redhat.com> - 0.5.2-16
+- Resolves:rh#566101-FTBFS w3m-0.5.2-16.fc13: ImplicitDSOLinking
+
* Fri Aug 21 2009 Tomas Mraz <tmraz at redhat.com> - 0.5.2-15
- rebuilt with new openssl
More information about the scm-commits
mailing list