Hello community, here is the log from the commit of package w3m for openSUSE:Factory checked in at 2016-12-02 16:36:57 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/w3m (Old) and /work/SRC/openSUSE:Factory/.w3m.new (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Package is "w3m" Changes: -------- --- /work/SRC/openSUSE:Factory/w3m/w3m.changes 2016-06-29 15:08:55.000000000 +0200 +++ /work/SRC/openSUSE:Factory/.w3m.new/w3m.changes 2016-12-02 16:36:58.000000000 +0100 
@@ -2 +2,57 @@ -Fri Jun 24 08:09:45 UTC 2016 - fweiss@suse.com +Thu Nov 24 11:18:22 UTC 2016 - Thomas.Blume@suse.com + +- update to debian git version (bsc#1011293) + addressed security issues: + CVE-2016-9621: w3m: global-buffer-overflow write (bsc#1012020) + CVE-2016-9622: w3m: null deref (bsc#1012021) + CVE-2016-9623: w3m: null deref (bsc#1012022) + CVE-2016-9624: w3m: near-null deref (bsc#1012023) + CVE-2016-9625: w3m: stack overflow (bsc#1012024) + CVE-2016-9626: w3m: stack overflow (bsc#1012025) + CVE-2016-9627: w3m: heap overflow read + deref (bsc#1012026) + CVE-2016-9628: w3m: null deref (bsc#1012027) + CVE-2016-9629: w3m: null deref (bsc#1012028) + CVE-2016-9630: w3m: global-buffer-overflow read (bsc#1012029) + CVE-2016-9631: w3m: null deref (bsc#1012030) + CVE-2016-9632: w3m: global-buffer-overflow read (bsc#1012031) + CVE-2016-9633: w3m: OOM (bsc#1012032) + CVE-2016-9434: w3m: null deref (bsc#1011283) + CVE-2016-9435: w3m: use uninit value (bsc#1011284) + CVE-2016-9436: w3m: use uninit value (bsc#1011285) + CVE-2016-9437: w3m: write to rodata (bsc#1011286) + CVE-2016-9438: w3m: null deref (bsc#1011287) + CVE-2016-9439: w3m: stack overflow (bsc#1011288) + CVE-2016-9440: w3m: near-null deref (bsc#1011289) + CVE-2016-9441: w3m: near-null deref (bsc#1011290) + CVE-2016-9442: w3m: potential heap buffer corruption (bsc#1011291) + CVE-2016-9443: w3m: null deref (bsc#1011292) + + dropped patches: + w3m-fix-build-with-imlib2-1.4.6.patch + w3m-scheme.patch + w3mman-formatting.patch + w3m-parallel-make.patch + w3m-gc7.diff + w3m-openssl.patch + w3m-closedir.patch + w3m-fh-def.patch + w3m-ssl-verify.patch + w3m-parsetagx-crash.patch + w3m-tempdir-override.patch + w3m-0.5.1-no-ASCII-equivalents-by-default.patch + w3m-uninitialized.patch + w3m-inline-image.patch + w3m-0.4.1-textarea-segfault.dif + + ported patches: + w3m-disable-cookie-special-domain-check.patch to + 0001-allow-to-configure-the-accept-option-for-bad-cookies.patch + w3m-0.4.1-session-mgmt.dif to + 
0001-implements-simple-session-management.patch + w3m-history-crossdev.patch to + 0001-handle-EXDEV-during-history-file-rename.patch + w3mman-formatting.patch to + 0001-w3mman-don-t-show-invalid-characters-bsc-950800.patch + +------------------------------------------------------------------- +Fri Jun 24 07:24:53 UTC 2016 - fweiss@suse.com Old: ---- w3m-0.4.1-session-mgmt.dif w3m-0.4.1-textarea-segfault.dif w3m-0.5.1-no-ASCII-equivalents-by-default.patch w3m-0.5.3.tar.bz2 w3m-closedir.patch w3m-disable-cookie-special-domain-check.patch w3m-fh-def.patch w3m-fix-build-with-imlib2-1.4.6.patch w3m-gc7.diff w3m-history-crossdev.patch w3m-inline-image.patch w3m-openssl.patch w3m-parallel-make.patch w3m-parsetagx-crash.patch w3m-scheme.patch w3m-ssl-verify.patch w3m-tempdir-override.patch w3m-uninitialized.patch w3mman-formatting.patch New: ---- 0001-allow-to-configure-the-accept-option-for-bad-cookies.patch 0001-handle-EXDEV-during-history-file-rename.patch 0001-implements-simple-session-management.patch 0001-w3mman-don-t-show-invalid-characters-bsc-950800.patch _service w3m-0.5.3.git20161120.tar.xz ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ w3m.spec ++++++ --- /var/tmp/diff_new_pack.p2W3ms/_old 2016-12-02 16:36:59.000000000 +0100 +++ /var/tmp/diff_new_pack.p2W3ms/_new 2016-12-02 16:36:59.000000000 +0100 
@@ -18,31 +18,17 @@ Name: w3m Url: http://w3m.sourceforge.net/ -Version: 0.5.3 +Version: 0.5.3.git20161120 Release: 0 Summary: A text-based WWW browser License: ISC Group: Productivity/Networking/Web/Browsers -Source: http://prdownloads.sourceforge.net/w3m/w3m-%version.tar.bz2 -Patch0: w3m-disable-cookie-special-domain-check.patch -Patch1: w3m-0.4.1-textarea-segfault.dif -Patch2: w3m-0.4.1-session-mgmt.dif -Patch4: w3m-inline-image.patch -Patch5: w3m-uninitialized.patch -Patch6: w3m-0.5.1-no-ASCII-equivalents-by-default.patch -Patch7: w3m-tempdir-override.patch -Patch8: w3m-parsetagx-crash.patch -Patch9: w3m-history-crossdev.patch -Patch11: w3m-ssl-verify.patch -Patch12: w3m-closedir.patch -Patch13: w3m-parallel-make.patch -Patch14: w3m-fix-build-with-imlib2-1.4.6.patch -Patch15: w3m-scheme.patch -Patch16: w3mman-formatting.patch -Patch503: w3m-fh-def.patch -Patch504: w3m-openssl.patch -Patch505: w3m-gc7.diff +Source0: w3m-%{version}.tar.xz +Patch0: 0001-allow-to-configure-the-accept-option-for-bad-cookies.patch +Patch1: 0001-implements-simple-session-management.patch +Patch2: 0001-handle-EXDEV-during-history-file-rename.patch +Patch3: 0001-w3mman-don-t-show-invalid-characters-bsc-950800.patch BuildRoot: %{_tmppath}/%{name}-%{version}-build BuildRequires: gc-devel @@ -92,26 +78,12 @@ terminal (if it runs in a graphical X Window System environment). %prep -%setup -q +%setup -q -n w3m-%{version} find -name CVS -exec rm -Rf "{}" "+" %patch0 -p1 %patch1 -p1 -%patch2 -%patch4 -%patch5 -%patch6 -%patch7 -p1 -%patch8 -p1 -%patch9 -p1 -%patch11 -%patch12 -%patch13 -p1 -%patch14 -p1 -%patch15 -p1 -%patch16 -p1 -%patch503 -%patch504 -%patch -P 505 -p1 +%patch2 -p1 +%patch3 -p1 %build export CFLAGS="$RPM_OPT_FLAGS -DUSE_BUFINFO -DOPENSSL_NO_SSL_INTERN -D_GNU_SOURCE $(getconf LFS_CFLAGS) -fno-strict-aliasing `ncursesw6-config --cflags` -fPIE" 
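Review bot: The patch list in the first hunk drops `w3m-ssl-verify.patch` and `w3m-tempdir-override.patch` without a comment recording where their behaviour now lives. The changelog lists them as dropped, but nothing visible here says whether the 0.5.3.git20161120 tarball carries equivalent code, and by their names both look security-relevant (certificate verification, temporary-directory handling). I would add a short comment above `Source0:` naming the upstream commits that supersede each dropped patch, or state in the changelog that they are merged upstream. `Source0: w3m-%{version}.tar.xz` also no longer gives a download URL, so a comment pointing at the `_service` file that produces it would help whoever audits the tarball's origin.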
@@ -152,6 +124,7 @@ /usr/bin/w3m /usr/bin/w3mman %doc doc/* +%_mandir/de/man1/w3m* %_libdir/w3m %exclude %_libdir/w3m/w3mimgdisplay %lang(ja)%doc %_mandir/ja ++++++ 0001-allow-to-configure-the-accept-option-for-bad-cookies.patch ++++++
From 9b0095164cec0d01ac3f08cf1d0f6c3fc0290a84 Mon Sep 17 00:00:00 2001 From: Thomas Blume
Date: Thu, 24 Nov 2016 14:13:36 +0100 Subject: [PATCH] allow to configure the "accept" option for bad cookies
port of: w3m-disable-cookie-special-domain-check.patch --- fm.h | 2 +- rc.c | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/fm.h b/fm.h index 96d3ab3..2227ec4 100644 --- a/fm.h +++ b/fm.h @@ -748,7 +748,7 @@ struct cookie { /* version 1' refers to the Internet draft to obsolete RFC 2109 */ #define COO_EINTERNAL (1) /* unknown error; probably forgot to convert "return 1" in cookie.c */ #define COO_ETAIL (2 | COO_OVERRIDE_OK) /* tail match failed (version 0) */ -#define COO_ESPECIAL (3) /* special domain check failed (version 0) */ +#define COO_ESPECIAL (3 | COO_OVERRIDE_OK) /* special domain check failed (version 0) */ #define COO_EPATH (4) /* Path attribute mismatch (version 1 case 1) */ #define COO_ENODOT (5 | COO_OVERRIDE_OK) /* no embedded dots in Domain (version 1 case 2.1) */ #define COO_ENOTV1DOM (6 | COO_OVERRIDE_OK) /* Domain does not start with a dot (version 1 case 2.2) */ diff --git a/rc.c b/rc.c index 7de87b8..aa872c2 100644 --- a/rc.c +++ b/rc.c @@ -326,7 +326,7 @@ static struct sel_c dnsorders[] = { #ifdef USE_COOKIE static struct sel_c badcookiestr[] = { {N_S(ACCEPT_BAD_COOKIE_DISCARD), N_("discard")}, -#if 0 +#if 1 {N_S(ACCEPT_BAD_COOKIE_ACCEPT), N_("accept")}, #endif {N_S(ACCEPT_BAD_COOKIE_ASK), N_("ask")}, -- 2.6.6 ++++++ 0001-handle-EXDEV-during-history-file-rename.patch ++++++
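Review bot: Adding `COO_OVERRIDE_OK` to `COO_ESPECIAL` in fm.h makes a failed special-domain check overridable, and the comment on that line does not say so. Together with the `accept` entry enabled in rc.c, this presumably lets a cookie whose Domain fails that check be stored without a prompt once the user selects `accept`; the code that consumes the flag is not on this page. I would extend the comment, e.g. `/* special domain check failed (version 0); overridable, see ACCEPT_BAD_COOKIE_ACCEPT */`, and have the option's help text say that `accept` skips the domain-scope checks. The list of `COO_E*` defines continues outside the hunk.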
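Review bot: Flipping `#if 0` to `#if 1` around the `accept` entry of `badcookiestr[]` in rc.c leaves a guard that is always true. Either drop the `#if 1`/`#endif` pair so the entry reads as a deliberate part of the table, or gate it on a named build macro so a build that does not want an unconditional-accept choice can leave it out. The initializer continues outside the hunk.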
From 93ed62a6cb58b4c90872e28b1306e122ad7668b7 Mon Sep 17 00:00:00 2001 From: Thomas Blume
Date: Thu, 24 Nov 2016 14:38:32 +0100 Subject: [PATCH] handle EXDEV during history file rename
port of: w3m-history-crossdev.patch --- history.c | 29 +++++++++++++++++++++++++++-- 1 file changed, 27 insertions(+), 2 deletions(-) diff --git a/history.c b/history.c index 471059e..209385b 100644 --- a/history.c +++ b/history.c @@ -68,12 +68,14 @@ loadHistory(Hist *hist) void saveHistory(Hist *hist, size_t size) { - FILE *f; + FILE *f, *h = NULL; HistItem *item; char *tmpf; int rename_ret; #define FNAMELEN 255 char fname[FNAMELEN+1] = HISTORY_FILE; + char buf[4096]; + size_t rs, ws, remaining; if (hist == NULL || hist->list == NULL) return; @@ -99,7 +101,30 @@ saveHistory(Hist *hist, size_t size) strncat(fname, Session, FNAMELEN -6 - strlen(fname)); } rename_ret = rename(tmpf, rcFile(fname)); - if (rename_ret != 0) { + + if (rename_ret == -1 && errno == EXDEV) { + if ((f = fopen(tmpf, "r")) && (h = fopen(rcFile(fname), "w"))) { + while (1) { + rs = fread(buf, 1, sizeof(buf), f); + if (rs == 0 || rs > sizeof(buf)) + break; + ws = fwrite(buf, 1, rs, h); + if (ws == rs) + continue; + if (ws == 0 || ws > rs) + break; + remaining = rs - ws; + while (remaining > 0) { + ws = fwrite(buf + (rs - remaining), 1, remaining, h); + if (ws == 0 || ws > remaining) + break; + remaining -= ws; + } + } + } + if (f) fclose(f); + if (h) fclose(h); + } else if (rename_ret != 0) { disp_err_message("Can't save history", FALSE); return; } -- 2.6.6 ++++++ 0001-implements-simple-session-management.patch ++++++
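Review bot: The EXDEV fallback in the second hunk reports nothing when the copy fails: if either `fopen` fails, or `fread`/`fwrite` stops early, control leaves the branch as if the history had been saved. Because the destination is opened with `"w"`, the existing history file is already truncated at that point, so a failed copy loses it, whereas the `rename` path replaced it atomically. The `rs > sizeof(buf)` and `ws > rs` tests can never be true, and the retry loop is not needed since a short `fwrite` already means an error. I would track success, check `ferror` and the `fclose` of the output, and reuse the existing `disp_err_message` path; copying to a temporary name next to the destination and renaming it would also keep the replace atomic. `saveHistory` starts and ends outside the hunk, and whether `tmpf` is removed afterwards is not visible here.

```c
    rename_ret = rename(tmpf, rcFile(fname));

    if (rename_ret == -1 && errno == EXDEV) {
	int copy_ok = 0;

	f = fopen(tmpf, "r");
	if (f != NULL)
	    h = fopen(rcFile(fname), "w");
	if (f != NULL && h != NULL) {
	    copy_ok = 1;
	    while ((rs = fread(buf, 1, sizeof(buf), f)) > 0) {
		if (fwrite(buf, 1, rs, h) != rs) {
		    copy_ok = 0;	/* short write: treat as failure */
		    break;
		}
	    }
	    if (ferror(f))
		copy_ok = 0;
	}
	if (f != NULL)
	    fclose(f);
	/* buffered write errors can surface only at close time */
	if (h != NULL && fclose(h) != 0)
	    copy_ok = 0;
	if (!copy_ok) {
	    disp_err_message("Can't save history", FALSE);
	    return;
	}
    }
    /* ... unchanged: else-if branch for other rename failures ... */
```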
From 8efbb1f90525d91c0f0bac38a678dd8d5f81d723 Mon Sep 17 00:00:00 2001 From: Thomas Blume
Date: Thu, 24 Nov 2016 14:27:18 +0100 Subject: [PATCH] implements simple session management
added new option "-session=<sessionname>"
port of: w3m-0.4.1-session-mgmt.dif
---
fm.h | 1 +
history.c | 22 ++++++++++++++++++++--
main.c | 64 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++-
3 files changed, 84 insertions(+), 3 deletions(-)
diff --git a/fm.h b/fm.h
index 2227ec4..c016693 100644
--- a/fm.h
+++ b/fm.h
@@ -959,6 +959,7 @@ global int emacs_like_lineedit init(FALSE);
global int vi_prec_num init(FALSE);
global int label_topline init(FALSE);
global int nextpage_topline init(FALSE);
+global char *Session init(NULL);
global char *displayTitleTerm init(NULL);
global int displayLink init(FALSE);
global int displayLinkNumber init(FALSE);
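Review bot: `Session` is declared without a comment, although it carries the value of the new `-session=<sessionname>` option and ends up in a file name. The history.c context elsewhere on this page shows it being appended to the history file name with `strncat` before `rcFile(fname)` is used, so a name containing `/` or `..` would presumably change which file is written; the main.c parsing is not visible here. I would add `/* session name from -session=; used as a history file name suffix, must not contain path separators */` on the declaration and check for that where the option is parsed.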
diff --git a/history.c b/history.c
index f2a00b4..471059e 100644
--- a/history.c
+++ b/history.c
@@ -1,5 +1,6 @@
/* $Id: history.c,v 1.11 2003/09/26 17:59:51 ukai Exp $ */
#include "fm.h"
+#include
From c3e30bc08f5a23ab77e6e70484ead9604e433121 Mon Sep 17 00:00:00 2001 From: Thomas Blume
Date: Thu, 24 Nov 2016 11:53:59 +0100 Subject: [PATCH] w3mman: don't show invalid characters (bsc#950800)
[tblume: port of w3mman-formatting.patch] --- scripts/w3mman/w3mman2html.cgi.in | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/scripts/w3mman/w3mman2html.cgi.in b/scripts/w3mman/w3mman2html.cgi.in index 2cd00f9..0ff63ee 100644 --- a/scripts/w3mman/w3mman2html.cgi.in +++ b/scripts/w3mman/w3mman2html.cgi.in @@ -75,7 +75,7 @@ if ($query{"local"}) { if (! ($file =~ /^\//)) { $file = $query{"pwd"} . '/' . $file; } - open(F, "MAN_KEEP_FORMATTING=1 $MAN -l $file 2> /dev/null |"); + open(F, "$MAN -l $file 2> /dev/null |"); } else { $man = $query{"man"}; if ($man =~ s/\((\w+)\)$//) { @@ -91,7 +91,7 @@ if ($query{"local"}) { $section =~ s:([^-\w\200-\377.,])::g; $man =~ s:([^-\w\200-\377.,])::g; - open(F, "MAN_KEEP_FORMATTING=1 $MAN $section $man 2> /dev/null |"); + open(F, "$MAN $section $man 2> /dev/null |"); } $ok = 0; undef $header; -- 2.6.6 ++++++ _service ++++++ <services> <service name="tar_scm" mode="disabled"> <param name="scm">git</param> <param name="url">https://github.com/tblume/w3m.git</param> <param name="subdir"></param> <param name="filename">w3m</param> <param name="version">0.5.3.git20161120</param> <param name="revision">master</param> </service> <service name="recompress" mode="disabled"> <param name="file">*w3m*.tar</param> <param name="compression">xz</param> </service> </services>
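Review bot: Both rewritten `open(F, "... |")` calls still hand an interpolated string to the shell, and in the first hunk `$file` comes from `$query{"local"}` and `$query{"pwd"}` with no filtering visible in the hunk. Unless it is sanitised above the hunk, shell metacharacters in those CGI parameters reach the shell; the second hunk strips `$section` and `$man` down to `[-\w\200-\377.,]`, which blocks metacharacters but still lets a value begin with `-` and be read by man as an option. Assuming `$MAN` is a bare program path, I would switch to the list form, e.g. `open(F, '-|', $MAN, '-l', $file)`, with stderr redirected separately, and reject values that start with `-`. The bareword handle `F` and the unchecked return of `open` are worth fixing at the same time; both `if` branches start outside the hunks.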
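Review bot: `<param name="revision">master</param>` in `_service` does not pin the source to a commit, so the tarball named `0.5.3.git20161120` cannot be regenerated or audited from this file alone. The URL also points at `https://github.com/tblume/w3m.git`, while the changelog describes the update as the Debian git version; the relationship between the two is not stated on this page. I would set `revision` to the exact commit hash that was packaged (`<commit-sha placeholder>`) and add a comment naming the upstream repository it was taken from.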