From mboxrd@z Thu Jan  1 00:00:00 1970
From: Michael Tremer <michael.tremer@ipfire.org>
To: development@lists.ipfire.org
Subject: Re: [PATCH] wget: Update to 1.20.3
Date: Sat, 06 Apr 2019 16:12:24 +0100
Message-ID: <C1B98005-1CAB-43A1-80FB-A98FEFD5DF36@ipfire.org>
In-Reply-To: <20190405195512.18968-1-matthias.fischer@ipfire.org>
MIME-Version: 1.0
Content-Type: multipart/mixed; boundary="===============6985006253854367617=="
List-Id: <development.lists.ipfire.org>

--===============6985006253854367617==
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: quoted-printable

Hey,

Not very good to see those vulnerabilities.

Merged.

-Michael

> On 5 Apr 2019, at 20:55, Matthias Fischer <matthias.fischer(a)ipfire.org> w=
rote:
>=20
> For details see:
> https://fossies.org/linux/wget/ChangeLog
>=20
> Excerpt from "NEWS":
>=20
> "2019-04-05  Tim Ruehsen  <tim.ruehsen(a)gmx.de>
>=20
> Fix a buffer overflow vulnerability
> * src/iri.c(do_conversion): Reallocate the output buffer to a larger
>  size if it is already full"
>=20
> Signed-off-by: Matthias Fischer <matthias.fischer(a)ipfire.org>
> ---
> lfs/wget | 4 ++--
> 1 file changed, 2 insertions(+), 2 deletions(-)
>=20
> diff --git a/lfs/wget b/lfs/wget
> index ac2fa826c..00ca75033 100644
> --- a/lfs/wget
> +++ b/lfs/wget
> @@ -24,7 +24,7 @@
>=20
> include Config
>=20
> -VER        =3D 1.20.2
> +VER        =3D 1.20.3
>=20
> THISAPP    =3D wget-$(VER)
> DL_FILE    =3D $(THISAPP).tar.gz
> @@ -40,7 +40,7 @@ objects =3D $(DL_FILE)
>=20
> $(DL_FILE) =3D $(DL_FROM)/$(DL_FILE)
>=20
> -$(DL_FILE)_MD5 =3D 2692f6678e93601441306b5c1fc6a77a
> +$(DL_FILE)_MD5 =3D db4e6dc7977cbddcd543b240079a4899
>=20
> install : $(TARGET)
>=20
> --=20
> 2.18.0
>=20


--===============6985006253854367617==--