Bug#926888: unblock: wget/1.20.1-1.1

Salvatore Bonaccorso Thu, 11 Apr 2019 13:09:58 -0700

Package: release.debian.org
Severity: normal
User: release.debian....@packages.debian.org
Usertags: unblock


Hi,

Please unblock package wget

It fixes CVE-2019-5953, #926389 a buffer overflow vulnerability in the
handling of Internationalized Resource Identifiers (IRI), it was
adressed as well in DSA-4425-1 for stretch.

Attached is the debdiff between 1.20.1-1 and 1.20.1-1.1.

unblock wget/1.20.1-1.1

Regards,
Salvatore

diff -Nru wget-1.20.1/debian/changelog wget-1.20.1/debian/changelog
--- wget-1.20.1/debian/changelog        2018-12-27 18:53:18.000000000 +0100
+++ wget-1.20.1/debian/changelog        2019-04-05 15:36:38.000000000 +0200
@@ -1,3 +1,10 @@
+wget (1.20.1-1.1) unstable; urgency=high
+
+  * Non-maintainer upload.
+  * Fix a buffer overflow vulnerability (CVE-2019-5953) (Closes: #926389)
+
+ -- Salvatore Bonaccorso <car...@debian.org>  Fri, 05 Apr 2019 15:36:38 +0200
+
 wget (1.20.1-1) unstable; urgency=high
 
   * new upstream release 2018-12-26
diff -Nru wget-1.20.1/debian/patches/Fix-a-buffer-overflow-vulnerability.patch 
wget-1.20.1/debian/patches/Fix-a-buffer-overflow-vulnerability.patch
--- wget-1.20.1/debian/patches/Fix-a-buffer-overflow-vulnerability.patch        
1970-01-01 01:00:00.000000000 +0100
+++ wget-1.20.1/debian/patches/Fix-a-buffer-overflow-vulnerability.patch        
2019-04-05 15:36:38.000000000 +0200
@@ -0,0 +1,30 @@
+From: Tim Ruehsen <tim.rueh...@gmx.de>
+Date: Fri, 5 Apr 2019 11:50:44 +0200
+Subject: Fix a buffer overflow vulnerability
+Origin: 
https://git.savannah.gnu.org/cgit/wget.git/commit/?id=692d5c5215de0db482c252492a92fc424cc6a97c,
+ 
https://git.savannah.gnu.org/cgit/wget.git/commit/?id=562eacb76a2b64d5dc80a443f0f739bc9ef76c17
+Bug-Debian-Security: https://security-tracker.debian.org/tracker/CVE-2019-5953
+Bug-Debian: https://bugs.debian.org/926389
+
+* src/iri.c(do_conversion): Reallocate the output buffer to a larger
+  size if it is already full
+---
+ src/iri.c | 12 +++++++++---
+ 1 file changed, 9 insertions(+), 3 deletions(-)
+
+--- a/src/iri.c
++++ b/src/iri.c
+@@ -189,9 +189,10 @@ do_conversion (const char *tocode, const
+         {
+           tooshort++;
+           done = len;
+-          len = outlen = done + inlen * 2;
+-          s = xrealloc (s, outlen + 1);
+-          *out = s + done;
++          len = done + inlen * 2;
++          s = xrealloc (s, len + 1);
++          *out = s + done - outlen;
++          outlen += inlen * 2;
+         }
+       else /* Weird, we got an unspecified error */
+         {
diff -Nru wget-1.20.1/debian/patches/series wget-1.20.1/debian/patches/series
--- wget-1.20.1/debian/patches/series   2018-12-15 18:07:46.000000000 +0100
+++ wget-1.20.1/debian/patches/series   2019-04-05 15:36:38.000000000 +0200
@@ -1,3 +1,4 @@
 wget-doc-remove-usr-local-in-sample.wgetrc
 wget-doc-remove-usr-local-in-wget.texi
 wget-passive_ftp-default
+Fix-a-buffer-overflow-vulnerability.patch

Bug#926888: unblock: wget/1.20.1-1.1

Reply via email to