Message ID | 20180506225048.15084-1-matthias.fischer@ipfire.org |
---|---|
State | Dropped |
Headers |
Return-Path: <development-bounces@lists.ipfire.org> Received: from mail01.ipfire.org (unknown [172.28.1.200]) by web02.i.ipfire.org (Postfix) with ESMTP id 42EEA60726 for <patchwork@web02.i.ipfire.org>; Mon, 7 May 2018 00:50:57 +0200 (CEST) Received: from mail01.i.ipfire.org (localhost [IPv6:::1]) by mail01.ipfire.org (Postfix) with ESMTP id B348E10F5EAB; Sun, 6 May 2018 23:50:56 +0100 (BST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=ipfire.org; s=201801; t=1525647057; h=from:from:sender:sender:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc:mime-version:content-type: content-transfer-encoding:in-reply-to:references:list-id: list-unsubscribe:list-subscribe:list-post; bh=gMtD8vuczRHN28NC3kLg0/y0jL6IGj+0wFLyQ0TVkwY=; b=Rxy8N5J6EaCUPsrmR36sOtTWsBO3fk950V/AcsgvfsXftkzkOs6zRRHA/ouYBQ9Sd+Yqeb nnN+nNv0LRXLxd9sGOSU9Iz6xCD/Ylj9ZHClsRHnh0Y+lGeYWh0GTlCWd/3m+DgWWmlGic lX+rgj4h3kVUUmjya2T7B7syPSpNzuKPWdkMYFPU5yLnBnxlmEsGga1auDQnuWmX8F4tjH 6rex1nwbB/5QHniQNt2OHAUg+xrrrdEBsQr9CEyEtD0YeCQXVxcfw3vB0v/vr9VYThnu+n sK9oq83vhCfmsHj+IBgyV4GjsaUF+ogy0/F0t0C3gRfj9Y1V2SkLuDXjlpx1Mw== Authentication-Results: mail01.i.ipfire.org; auth=pass smtp.auth=mfischer smtp.mailfrom=matthias.fischer@ipfire.org DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=ipfire.org; s=201801; t=1525647053; h=from:from:sender:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc:mime-version:content-type: content-transfer-encoding:in-reply-to:references; bh=gMtD8vuczRHN28NC3kLg0/y0jL6IGj+0wFLyQ0TVkwY=; b=Rwjlqof3Ages8wuvDwlfkSF8XMXwdm426LtQGkNJR3KCKKELiOB/ipi0DY1lwjm/15JRPI eWO15TLtzcE56/bSIfO3P6nGrrfLhaph19x5p4JoelmYRkWn2gPgQV/+4A6Nqcj1U/Gx7R XAQ3ePNn6em6G7lKfuT5Axc2cj+IXFdzS75oxcd7mFH5G1Cm34SoVo0vaFP/oK/anrkBH6 fy9fq1uq5JjOsoJwsrxPbYzkeE2hhZZiyGzCDg4HS3W4xhczhDk0x5sEAruWItBGurQnYV 1YCOHwEIGvfxbTsCezKQTA+0IVsnx5ZP85+wDtTGqtlNTxo2mrccGUEFgV4UFQ== Received: from Devel.localdomain (p5B0A1994.dip0.t-ipconnect.de [91.10.25.148]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-SHA256 (128/128 bits)) (Client did not present a certificate) by mail01.ipfire.org (Postfix) with ESMTPSA id 94AD11045EDE for <development@lists.ipfire.org>; Sun, 6 May 2018 23:50:53 +0100 (BST) From: Matthias Fischer <matthias.fischer@ipfire.org> To: development@lists.ipfire.org Subject: [PATCH] wget: Update to 1.9.5 Date: Mon, 7 May 2018 00:50:48 +0200 Message-Id: <20180506225048.15084-1-matthias.fischer@ipfire.org> X-Mailer: git-send-email 2.17.0 X-Spamd-Result: default: False [-2.10 / 11.00]; ASN(0.00)[asn:3320, ipnet:91.0.0.0/10, country:DE]; DKIM_SIGNED(0.00)[]; FROM_HAS_DN(0.00)[]; RCVD_TLS_ALL(0.00)[]; BAYES_HAM(-3.00)[100.00%]; ARC_NA(0.00)[]; FROM_EQ_ENVFROM(0.00)[]; TO_MATCH_ENVRCPT_ALL(0.00)[]; MID_CONTAINS_FROM(1.00)[]; RCVD_COUNT_ZERO(0.00)[0]; RCPT_COUNT_ONE(0.00)[1]; MIME_GOOD(-0.10)[text/plain]; TO_DN_NONE(0.00)[] X-Spam-Status: No, score=-2.10 X-Rspamd-Server: mail01.i.ipfire.org X-BeenThere: development@lists.ipfire.org X-Mailman-Version: 2.1.15 Precedence: list List-Id: IPFire development talk <development.lists.ipfire.org> List-Unsubscribe: <https://lists.ipfire.org/mailman/options/development>, <mailto:development-request@lists.ipfire.org?subject=unsubscribe> List-Archive: <https://lists.ipfire.org/pipermail/development/> List-Post: <mailto:development@lists.ipfire.org> List-Help: <mailto:development-request@lists.ipfire.org?subject=help> List-Subscribe: <https://lists.ipfire.org/mailman/listinfo/development>, <mailto:development-request@lists.ipfire.org?subject=subscribe> Errors-To: development-bounces@lists.ipfire.org Sender: "Development" <development-bounces@lists.ipfire.org> |
Series |
wget: Update to 1.9.5
|
|
Commit Message
Matthias Fischer
May 7, 2018, 8:50 a.m. UTC
Hi,
Excerpts from official announcement:
"This version fixes CVE-2018-0494 (Cookie injection vulnerability) found
by Harry Sintonen.
This version fixes several issues, mostly found by OSS-Fuzz.
It also introduces TLS1.3 with OpenSSL, a new option --ciphers and
updates the CSS grammar to version 2.2.
...
Noteworthy changes:
* Fix cookie injection (CVE-2018-0494)
* Enable TLS1.3 with recent OpenSSL environment
* New option --ciphers to set GnuTLS / OpenSSL ciphers directly
* Updated CSS grammar to CSS 2.2
* Fixed several memleaks found by OSS-Fuzz
* Fixed several buffer overflows found by OSS-Fuzz
* Fixed several integer overflows found by OSS-Fuzz
* Several minor bug fixes"
Best,
Matthias
Signed-off-by: Matthias Fischer <matthias.fischer@ipfire.org>
---
lfs/wget | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
Comments
Hi, sorry, dropped - typo in subject. On 07.05.2018 00:50, Matthias Fischer wrote: > Hi, > > Excerpts from official announcement: > > "This version fixes CVE-2018-0494 (Cookie injection vulnerability) found > by Harry Sintonen. > This version fixes several issues, mostly found by OSS-Fuzz. > It also introduces TLS1.3 with OpenSSL, a new option --ciphers and > updates the CSS grammar to version 2.2. > ... > Noteworthy changes: > > * Fix cookie injection (CVE-2018-0494) > * Enable TLS1.3 with recent OpenSSL environment > * New option --ciphers to set GnuTLS / OpenSSL ciphers directly > * Updated CSS grammar to CSS 2.2 > * Fixed several memleaks found by OSS-Fuzz > * Fixed several buffer overflows found by OSS-Fuzz > * Fixed several integer overflows found by OSS-Fuzz > * Several minor bug fixes" > > Best, > Matthias > > Signed-off-by: Matthias Fischer <matthias.fischer@ipfire.org> > --- > lfs/wget | 4 ++-- > 1 file changed, 2 insertions(+), 2 deletions(-) > > diff --git a/lfs/wget b/lfs/wget > index 7a5cdbb11..39f59ba80 100644 > --- a/lfs/wget > +++ b/lfs/wget > @@ -24,7 +24,7 @@ > > include Config > > -VER = 1.19.4 > +VER = 1.19.5 > > THISAPP = wget-$(VER) > DL_FILE = $(THISAPP).tar.gz > @@ -40,7 +40,7 @@ objects = $(DL_FILE) > > $(DL_FILE) = $(DL_FROM)/$(DL_FILE) > > -$(DL_FILE)_MD5 = a2a2c1dc4ac5003fc25a8e60b4a9464e > +$(DL_FILE)_MD5 = 2db6f03d655041f82eb64b8c8a1fa7da > > install : $(TARGET) > >
diff --git a/lfs/wget b/lfs/wget index 7a5cdbb11..39f59ba80 100644 --- a/lfs/wget +++ b/lfs/wget @@ -24,7 +24,7 @@ include Config -VER = 1.19.4 +VER = 1.19.5 THISAPP = wget-$(VER) DL_FILE = $(THISAPP).tar.gz @@ -40,7 +40,7 @@ objects = $(DL_FILE) $(DL_FILE) = $(DL_FROM)/$(DL_FILE) -$(DL_FILE)_MD5 = a2a2c1dc4ac5003fc25a8e60b4a9464e +$(DL_FILE)_MD5 = 2db6f03d655041f82eb64b8c8a1fa7da install : $(TARGET)