Hello community, here is the log from the commit of package w3m for openSUSE:Factory checked in at 2016-12-02 16:36:57 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/w3m (Old) and /work/SRC/openSUSE:Factory/.w3m.new (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "w3m" Changes: --------
--- /work/SRC/openSUSE:Factory/w3m/w3m.changes 2016-06-29 15:08:55.000000000 +0200
+++ /work/SRC/openSUSE:Factory/.w3m.new/w3m.changes 2016-12-02 16:36:58.000000000 +0100
@@ -2 +2,57 @@
-Fri Jun 24 08:09:45 UTC 2016 - [email protected]
+Thu Nov 24 11:18:22 UTC 2016 - [email protected]
+
+- update to debian git version (bsc#1011293)
+ addressed security issues:
+ CVE-2016-9621: w3m: global-buffer-overflow write (bsc#1012020)
+ CVE-2016-9622: w3m: null deref (bsc#1012021)
+ CVE-2016-9623: w3m: null deref (bsc#1012022)
+ CVE-2016-9624: w3m: near-null deref (bsc#1012023)
+ CVE-2016-9625: w3m: stack overflow (bsc#1012024)
+ CVE-2016-9626: w3m: stack overflow (bsc#1012025)
+ CVE-2016-9627: w3m: heap overflow read + deref (bsc#1012026)
+ CVE-2016-9628: w3m: null deref (bsc#1012027)
+ CVE-2016-9629: w3m: null deref (bsc#1012028)
+ CVE-2016-9630: w3m: global-buffer-overflow read (bsc#1012029)
+ CVE-2016-9631: w3m: null deref (bsc#1012030)
+ CVE-2016-9632: w3m: global-buffer-overflow read (bsc#1012031)
+ CVE-2016-9633: w3m: OOM (bsc#1012032)
+ CVE-2016-9434: w3m: null deref (bsc#1011283)
+ CVE-2016-9435: w3m: use uninit value (bsc#1011284)
+ CVE-2016-9436: w3m: use uninit value (bsc#1011285)
+ CVE-2016-9437: w3m: write to rodata (bsc#1011286)
+ CVE-2016-9438: w3m: null deref (bsc#1011287)
+ CVE-2016-9439: w3m: stack overflow (bsc#1011288)
+ CVE-2016-9440: w3m: near-null deref (bsc#1011289)
+ CVE-2016-9441: w3m: near-null deref (bsc#1011290)
+ CVE-2016-9442: w3m: potential heap buffer corruption (bsc#1011291)
+ CVE-2016-9443: w3m: null deref (bsc#1011292)
+
+ dropped patches:
+ w3m-fix-build-with-imlib2-1.4.6.patch
+ w3m-scheme.patch
+ w3mman-formatting.patch
+ w3m-parallel-make.patch
+ w3m-gc7.diff
+ w3m-openssl.patch
+ w3m-closedir.patch
+ w3m-fh-def.patch
+ w3m-ssl-verify.patch
+ w3m-parsetagx-crash.patch
+ w3m-tempdir-override.patch
+ w3m-0.5.1-no-ASCII-equivalents-by-default.patch
+ w3m-uninitialized.patch
+ w3m-inline-image.patch
+ w3m-0.4.1-textarea-segfault.dif
+
+ ported patches:
+ w3m-disable-cookie-special-domain-check.patch to
+ 0001-allow-to-configure-the-accept-option-for-bad-cookies.patch
+ w3m-0.4.1-session-mgmt.dif to
+ 0001-implements-simple-session-management.patch
+ w3m-history-crossdev.patch to
+ 0001-handle-EXDEV-during-history-file-rename.patch
+ w3mman-formatting.patch to
+ 0001-w3mman-don-t-show-invalid-characters-bsc-950800.patch
+
+-------------------------------------------------------------------
+Fri Jun 24 07:24:53 UTC 2016 - [email protected]
Old: ---- w3m-0.4.1-session-mgmt.dif w3m-0.4.1-textarea-segfault.dif w3m-0.5.1-no-ASCII-equivalents-by-default.patch w3m-0.5.3.tar.bz2 w3m-closedir.patch w3m-disable-cookie-special-domain-check.patch w3m-fh-def.patch w3m-fix-build-with-imlib2-1.4.6.patch w3m-gc7.diff w3m-history-crossdev.patch w3m-inline-image.patch w3m-openssl.patch w3m-parallel-make.patch w3m-parsetagx-crash.patch w3m-scheme.patch w3m-ssl-verify.patch w3m-tempdir-override.patch w3m-uninitialized.patch w3mman-formatting.patch New: ---- 0001-allow-to-configure-the-accept-option-for-bad-cookies.patch 0001-handle-EXDEV-during-history-file-rename.patch 0001-implements-simple-session-management.patch 0001-w3mman-don-t-show-invalid-characters-bsc-950800.patch _service w3m-0.5.3.git20161120.tar.xz ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ w3m.spec ++++++
--- /var/tmp/diff_new_pack.p2W3ms/_old 2016-12-02 16:36:59.000000000 +0100
+++ /var/tmp/diff_new_pack.p2W3ms/_new 2016-12-02 16:36:59.000000000 +0100
@@ -18,31 +18,17 @@ Name: w3m Url: http://w3m.sourceforge.net/ -Version: 0.5.3 +Version: 0.5.3.git20161120 Release: 0 Summary: A text-based WWW browser License: ISC Group: Productivity/Networking/Web/Browsers -Source: http://prdownloads.sourceforge.net/w3m/w3m-%version.tar.bz2 -Patch0: w3m-disable-cookie-special-domain-check.patch -Patch1: w3m-0.4.1-textarea-segfault.dif -Patch2: w3m-0.4.1-session-mgmt.dif -Patch4: w3m-inline-image.patch -Patch5: w3m-uninitialized.patch -Patch6: w3m-0.5.1-no-ASCII-equivalents-by-default.patch -Patch7: w3m-tempdir-override.patch -Patch8: w3m-parsetagx-crash.patch -Patch9: w3m-history-crossdev.patch -Patch11: w3m-ssl-verify.patch -Patch12: w3m-closedir.patch -Patch13: w3m-parallel-make.patch -Patch14: w3m-fix-build-with-imlib2-1.4.6.patch -Patch15: w3m-scheme.patch -Patch16: w3mman-formatting.patch -Patch503: w3m-fh-def.patch -Patch504: w3m-openssl.patch -Patch505: w3m-gc7.diff +Source0: w3m-%{version}.tar.xz +Patch0: 0001-allow-to-configure-the-accept-option-for-bad-cookies.patch +Patch1: 0001-implements-simple-session-management.patch +Patch2: 0001-handle-EXDEV-during-history-file-rename.patch +Patch3: 0001-w3mman-don-t-show-invalid-characters-bsc-950800.patch BuildRoot: %{_tmppath}/%{name}-%{version}-build BuildRequires: gc-devel @@ -92,26 +78,12 @@ terminal (if it runs in a graphical X Window System environment). %prep -%setup -q +%setup -q -n w3m-%{version} find -name CVS -exec rm -Rf "{}" "+" %patch0 -p1 %patch1 -p1 -%patch2 -%patch4 -%patch5 -%patch6 -%patch7 -p1 -%patch8 -p1 -%patch9 -p1 -%patch11 -%patch12 -%patch13 -p1 -%patch14 -p1 -%patch15 -p1 -%patch16 -p1 -%patch503 -%patch504 -%patch -P 505 -p1 +%patch2 -p1 +%patch3 -p1 %build export CFLAGS="$RPM_OPT_FLAGS -DUSE_BUFINFO -DOPENSSL_NO_SSL_INTERN -D_GNU_SOURCE $(getconf LFS_CFLAGS) -fno-strict-aliasing `ncursesw6-config --cflags` -fPIE" 
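Review bot: The patch list drops Patch11 `w3m-ssl-verify.patch`, Patch7 `w3m-tempdir-override.patch`, Patch8 `w3m-parsetagx-crash.patch` and Patch5 `w3m-uninitialized.patch` without recording where their fixes now live; the changelog only lists them as dropped. Presumably the git snapshot carries equivalent changes, but that should be checked against the new tarball, because losing the certificate-verification or temp-directory handling would be a silent regression. A comment above `Source0:` such as `# ssl-verify, tempdir-override, parsetagx-crash, uninitialized: fixed in the git snapshot, patches dropped` would make that checkable. `Source0` is also a bare file name now, so the spec itself no longer says where the tarball comes from.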
@@ -152,6 +124,7 @@ /usr/bin/w3m /usr/bin/w3mman %doc doc/* +%_mandir/de/man1/w3m* %_libdir/w3m %exclude %_libdir/w3m/w3mimgdisplay %lang(ja)%doc %_mandir/ja ++++++ 0001-allow-to-configure-the-accept-option-for-bad-cookies.patch ++++++ >From 9b0095164cec0d01ac3f08cf1d0f6c3fc0290a84 Mon Sep 17 00:00:00 2001 From: Thomas Blume <[email protected]> Date: Thu, 24 Nov 2016 14:13:36 +0100 Subject: [PATCH] allow to configure the "accept" option for bad cookies port of: w3m-disable-cookie-special-domain-check.patch --- fm.h | 2 +- rc.c | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/fm.h b/fm.h index 96d3ab3..2227ec4 100644 --- a/fm.h +++ b/fm.h @@ -748,7 +748,7 @@ struct cookie { /* version 1' refers to the Internet draft to obsolete RFC 2109 */ #define COO_EINTERNAL (1) /* unknown error; probably forgot to convert "return 1" in cookie.c */ #define COO_ETAIL (2 | COO_OVERRIDE_OK) /* tail match failed (version 0) */ -#define COO_ESPECIAL (3) /* special domain check failed (version 0) */ +#define COO_ESPECIAL (3 | COO_OVERRIDE_OK) /* special domain check failed (version 0) */ #define COO_EPATH (4) /* Path attribute mismatch (version 1 case 1) */ #define COO_ENODOT (5 | COO_OVERRIDE_OK) /* no embedded dots in Domain (version 1 case 2.1) */ #define COO_ENOTV1DOM (6 | COO_OVERRIDE_OK) /* Domain does not start with a dot (version 1 case 2.2) */ diff --git a/rc.c b/rc.c index 7de87b8..aa872c2 100644 --- a/rc.c +++ b/rc.c @@ -326,7 +326,7 @@ static struct sel_c dnsorders[] = { #ifdef USE_COOKIE static struct sel_c badcookiestr[] = { {N_S(ACCEPT_BAD_COOKIE_DISCARD), N_("discard")}, -#if 0 +#if 1 {N_S(ACCEPT_BAD_COOKIE_ACCEPT), N_("accept")}, #endif {N_S(ACCEPT_BAD_COOKIE_ASK), N_("ask")}, -- 2.6.6 ++++++ 0001-handle-EXDEV-during-history-file-rename.patch ++++++ >From 93ed62a6cb58b4c90872e28b1306e122ad7668b7 Mon Sep 17 00:00:00 2001 
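Review bot: Adding `COO_OVERRIDE_OK` to `COO_ESPECIAL` in fm.h makes a failed special-domain check overridable, and combined with the `accept` choice enabled in rc.c a configuration setting can now admit such cookies with no prompt. Nothing in the hunk says why this check is safe to override while `COO_EPATH` stays strict. Assuming the check is what rejects a cookie scoped to an overly broad domain, the define deserves a comment such as `/* overridable in this package: the "accept" setting skips the special domain check */`, and the option's help text should state the exposure.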
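Review bot: In rc.c the `accept` entry of `badcookiestr` is enabled by flipping `#if 0` to `#if 1`, which leaves a constant conditional that reads like leftover debugging. Either delete the `#if`/`#endif` pair around `{N_S(ACCEPT_BAD_COOKIE_ACCEPT), N_("accept")},` or gate it on a named build macro so the packaging decision is visible. The array definition continues outside the hunk.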
From: Thomas Blume <[email protected]> Date: Thu, 24 Nov 2016 14:38:32 +0100 Subject: [PATCH] handle EXDEV during history file rename port of: w3m-history-crossdev.patch --- history.c | 29 +++++++++++++++++++++++++++-- 1 file changed, 27 insertions(+), 2 deletions(-) diff --git a/history.c b/history.c index 471059e..209385b 100644 --- a/history.c +++ b/history.c @@ -68,12 +68,14 @@ loadHistory(Hist *hist) void saveHistory(Hist *hist, size_t size) { - FILE *f; + FILE *f, *h = NULL; HistItem *item; char *tmpf; int rename_ret; #define FNAMELEN 255 char fname[FNAMELEN+1] = HISTORY_FILE; + char buf[4096]; + size_t rs, ws, remaining; if (hist == NULL || hist->list == NULL) return; @@ -99,7 +101,30 @@ saveHistory(Hist *hist, size_t size) strncat(fname, Session, FNAMELEN -6 - strlen(fname)); } rename_ret = rename(tmpf, rcFile(fname)); - if (rename_ret != 0) { + + if (rename_ret == -1 && errno == EXDEV) { + if ((f = fopen(tmpf, "r")) && (h = fopen(rcFile(fname), "w"))) { + while (1) { + rs = fread(buf, 1, sizeof(buf), f); + if (rs == 0 || rs > sizeof(buf)) + break; + ws = fwrite(buf, 1, rs, h); + if (ws == rs) + continue; + if (ws == 0 || ws > rs) + break; + remaining = rs - ws; + while (remaining > 0) { + ws = fwrite(buf + (rs - remaining), 1, remaining, h); + if (ws == 0 || ws > remaining) + break; + remaining -= ws; + } + } + } + if (f) fclose(f); + if (h) fclose(h); + } else if (rename_ret != 0) { disp_err_message("Can't save history", FALSE); return; } -- 2.6.6 ++++++ 0001-implements-simple-session-management.patch ++++++ >From 8efbb1f90525d91c0f0bac38a678dd8d5f81d723 Mon Sep 17 00:00:00 2001 
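Review bot: The EXDEV fallback in the second hunk never reports failure: if either `fopen` fails, or `fread`/`fwrite` stops early, the branch closes the handles and falls through as if the history had been saved, while the plain `rename` failure path shows "Can't save history". Opening the destination with "w" also truncates the existing history before the copy has succeeded, so an error midway leaves a partial file. `fwrite` on a `FILE *` returns short only on error, so the retry loop and the `ws`/`remaining` locals declared in the first hunk are not needed. The fence shows the branch with one loop and an explicit success flag; saveHistory continues outside the hunk.
```c
    if (rename_ret == -1 && errno == EXDEV) {
        int copied = 0;

        f = fopen(tmpf, "r");
        h = f ? fopen(rcFile(fname), "w") : NULL;
        if (f && h) {
            while ((rs = fread(buf, 1, sizeof(buf), f)) > 0) {
                if (fwrite(buf, 1, rs, h) != rs)
                    break;
            }
            copied = !ferror(f) && !ferror(h);
        }
        if (f)
            fclose(f);
        if (h && fclose(h) != 0)
            copied = 0;    /* buffered write errors surface at close */
        if (!copied) {
            disp_err_message("Can't save history", FALSE);
            return;
        }
    } else if (rename_ret != 0) {
        /* … unchanged: error message and return … */
```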
From: Thomas Blume <[email protected]> Date: Thu, 24 Nov 2016 14:27:18 +0100 Subject: [PATCH] implements simple session management added new option "-session=<sessionname>" port of: w3m-0.4.1-session-mgmt.dif --- fm.h | 1 + history.c | 22 ++++++++++++++++++++-- main.c | 64 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++- 3 files changed, 84 insertions(+), 3 deletions(-) diff --git a/fm.h b/fm.h index 2227ec4..c016693 100644 --- a/fm.h +++ b/fm.h @@ -959,6 +959,7 @@ global int emacs_like_lineedit init(FALSE); global int vi_prec_num init(FALSE); global int label_topline init(FALSE); global int nextpage_topline init(FALSE); +global char *Session init(NULL); global char *displayTitleTerm init(NULL); global int displayLink init(FALSE); global int displayLinkNumber init(FALSE); diff --git a/history.c b/history.c index f2a00b4..471059e 100644 --- a/history.c +++ b/history.c @@ -1,5 +1,6 @@ /* $Id: history.c,v 1.11 2003/09/26 17:59:51 ukai Exp $ */ #include "fm.h" +#include <errno.h> #ifdef USE_HISTORY Buffer * @@ -36,11 +37,21 @@ loadHistory(Hist *hist) { FILE *f; Str line; +#define FNAMELEN 255 + char fname[FNAMELEN+1] = HISTORY_FILE; + if (hist == NULL) return; - if ((f = fopen(rcFile(HISTORY_FILE), "rt")) == NULL) + if (Session) { + strncat(fname, ".", FNAMELEN -6 - strlen(fname)); + strncat(fname, Session, FNAMELEN -6 - strlen(fname)); + } + if ((f = fopen(rcFile(fname), "rt")) == NULL) { + if (errno != ENOENT) + perror("error reading history file"); return; + } while (!feof(f)) { line = Strfgets(f); @@ -61,6 +72,8 @@ saveHistory(Hist *hist, size_t size) HistItem *item; char *tmpf; int rename_ret; +#define FNAMELEN 255 + char fname[FNAMELEN+1] = HISTORY_FILE; if (hist == NULL || hist->list == NULL) return; 
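Review bot: In loadHistory (hunk `@@ -36,11 +37,21`) `Session` is appended to the file name exactly as given on the command line, so a value containing `/` is no longer a plain file name under the rc directory, and an empty `-session=` yields a name ending in a bare dot. The same construction is repeated in saveHistory (`@@ -80,7 +93,12`) and in loadBufferInfo and saveBufferInfo in main.c, two of which open the result for writing. Validating once where `-session=` is parsed, accepting only a conservative set such as letters, digits, `_` and `-`, would cover all four sites. The `FNAMELEN -6` reserve is also unexplained and silently truncates long names, so two sessions can end up on the same file; a shared helper with a comment on that bound would address both.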
@@ -80,7 +93,12 @@ saveHistory(Hist *hist, size_t size) disp_err_message("Can't save history", FALSE); return; } - rename_ret = rename(tmpf, rcFile(HISTORY_FILE)); + + if (Session) { + strncat(fname, ".", FNAMELEN -6 - strlen(fname)); + strncat(fname, Session, FNAMELEN -6 - strlen(fname)); + } + rename_ret = rename(tmpf, rcFile(fname)); if (rename_ret != 0) { disp_err_message("Can't save history", FALSE); return; diff --git a/main.c b/main.c index 85b0003..fdc5429 100644 --- a/main.c +++ b/main.c @@ -7,6 +7,7 @@ #include <sys/stat.h> #include <sys/types.h> #include <unistd.h> +#include <errno.h> #include <fcntl.h> #if defined(HAVE_WAITPID) || defined(HAVE_WAIT3) #include <sys/wait.h> @@ -242,6 +243,7 @@ fusage(FILE * f, int err) fprintf(f, " -header string insert string as a header\n"); fprintf(f, " +<num> goto <num> line\n"); fprintf(f, " -num show line number\n"); + fprintf(f, " -session=<id> use session <id>\n"); fprintf(f, " -no-proxy don't use proxy\n"); #ifdef INET6 fprintf(f, " -4 IPv4 only (-o dns_order=4)\n"); @@ -283,6 +285,8 @@ static char *getCodePage(void); #endif #endif +char *loadBufferInfo(void); + static GC_warn_proc orig_GC_warn_proc = NULL; #define GC_WARN_KEEP_MAX (20) @@ -750,6 +754,8 @@ main(int argc, char **argv, char **envp) squeezeBlankLine = TRUE; else if (!strcmp("-X", argv[i])) Do_not_use_ti_te = TRUE; + else if (!strncmp("-session=", argv[i], 9)) + Session = argv[i] + 9; else if (!strcmp("-title", argv[i])) displayTitleTerm = getenv("TERM"); else if (!strncmp("-title=", argv[i], 7)) 
@@ -800,6 +806,22 @@ main(int argc, char **argv, char **envp) i++; } + /* if last session has been saved, get last URL */ + { + char * str; /* we blantantly skip the release of this memory -- + this seems to be the way to do things in w3m anyway + ...*/ + if (Session && (str = loadBufferInfo()) != NULL ) { + /* The URL from last session overrides the URL(s) from the command + * line */ + load_argv[0] = str; + load_argc = 1; + } + } +#ifdef USE_HISTORY + loadHistory(URLHist); +#endif /* not USE_HISTORY */ + #ifdef __WATT32__ if (w3m_debug) dbug_init(); @@ -1478,14 +1500,54 @@ tmpClearBuffer(Buffer *buf) static Str currentURL(void); #ifdef USE_BUFINFO +char * +loadBufferInfo() +{ + FILE *fp; + Str line; + char *str; +#define FNAMELEN 255 + char fname[FNAMELEN+1] = "bufinfo"; + + if (Session) { + strncat(fname, ".", FNAMELEN -6 - strlen(fname)); + strncat(fname, Session, FNAMELEN -6 - strlen(fname)); + } + if ((fp = fopen(rcFile(fname), "r")) == NULL) { + if (errno != ENOENT) + perror("error reading bufinfo file"); + return NULL; + } + line = Strfgets(fp); + Strchop(line); + Strremovefirstspaces(line); + Strremovetrailingspaces(line); + fclose(fp); + if (line->length == 0) { + str=NULL; + } else { + str=allocStr(line->ptr, -1); + } + Strclear(line); + Strfree(line); + return str; +} + void saveBufferInfo() { FILE *fp; +#define FNAMELEN 255 + char fname[FNAMELEN+1] = "bufinfo"; if (w3m_dump) return; - if ((fp = fopen(rcFile("bufinfo"), "w")) == NULL) { + if (Session) { + strncat(fname, ".", FNAMELEN -6 - strlen(fname)); + strncat(fname, Session, FNAMELEN -6 - strlen(fname)); + } + if ((fp = fopen(rcFile(fname), "w")) == NULL) { + perror("error writing bufinfo file"); return; } fprintf(fp, "%s\n", currentURL()->ptr); -- 2.6.6 ++++++ 0001-w3mman-don-t-show-invalid-characters-bsc-950800.patch ++++++ >From c3e30bc08f5a23ab77e6e70484ead9604e433121 Mon Sep 17 00:00:00 2001 
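Review bot: The call to `loadBufferInfo()` added to main is unconditional, but the function is defined under `#ifdef USE_BUFINFO` in the next hunk, so a build without that macro would fail at link time; the spec's `-DUSE_BUFINFO` hides this. Wrapping the new block and the prototype in `#ifdef USE_BUFINFO` keeps the patch self-consistent. The closing comment `#endif /* not USE_HISTORY */` is inverted for an `#ifdef USE_HISTORY` block and should read `#endif /* USE_HISTORY */`. main continues outside the hunk.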
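Review bot: loadBufferInfo and saveBufferInfo report errors with `perror`, while saveHistory in the same patch series uses `disp_err_message`; writing to stderr from saveBufferInfo may land on the full-screen display, though where it is called from is not visible here. Using `disp_err_message("Can't save buffer info", FALSE);` in saveBufferInfo would match the existing style. loadBufferInfo also has no header comment: it should say that it returns the first line of the session's bufinfo file with surrounding whitespace stripped, or NULL when the file is missing or empty, and that the caller keeps the returned string. The definition uses `loadBufferInfo()` while the prototype says `(void)`; the two should agree.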
From: Thomas Blume <[email protected]> Date: Thu, 24 Nov 2016 11:53:59 +0100 Subject: [PATCH] w3mman: don't show invalid characters (bsc#950800) [tblume: port of w3mman-formatting.patch] --- scripts/w3mman/w3mman2html.cgi.in | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/scripts/w3mman/w3mman2html.cgi.in b/scripts/w3mman/w3mman2html.cgi.in index 2cd00f9..0ff63ee 100644 --- a/scripts/w3mman/w3mman2html.cgi.in +++ b/scripts/w3mman/w3mman2html.cgi.in @@ -75,7 +75,7 @@ if ($query{"local"}) { if (! ($file =~ /^\//)) { $file = $query{"pwd"} . '/' . $file; } - open(F, "MAN_KEEP_FORMATTING=1 $MAN -l $file 2> /dev/null |"); + open(F, "$MAN -l $file 2> /dev/null |"); } else { $man = $query{"man"}; if ($man =~ s/\((\w+)\)$//) { @@ -91,7 +91,7 @@ if ($query{"local"}) { $section =~ s:([^-\w\200-\377.,])::g; $man =~ s:([^-\w\200-\377.,])::g; - open(F, "MAN_KEEP_FORMATTING=1 $MAN $section $man 2> /dev/null |"); + open(F, "$MAN $section $man 2> /dev/null |"); } $ok = 0; undef $header; -- 2.6.6 ++++++ _service ++++++ <services> <service name="tar_scm" mode="disabled"> <param name="scm">git</param> <param name="url">https://github.com/tblume/w3m.git</param> <param name="subdir"></param> <param name="filename">w3m</param> <param name="version">0.5.3.git20161120</param> <param name="revision">master</param> </service> <service name="recompress" mode="disabled"> <param name="file">*w3m*.tar</param> <param name="compression">xz</param> </service> </services>
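Review bot: Both `open` calls still build a shell command line by interpolation, and in the first hunk `$file` is derived from `$query{"local"}` and `$query{"pwd"}` with no filtering visible in the hunk, so shell metacharacters in it would be interpreted by the shell; the second hunk at least strips `$section` and `$man` to `[-\w\200-\377.,]` first. Since these lines are being edited anyway, the list form avoids the shell: `open(F, "-|", $MAN, "-l", $file)`, with stderr redirected separately if the noise matters. That assumes `$MAN` expands to a single program path, which the hunk does not show. The result of `open` is unchecked in both places, and the enclosing `if`/`else` starts and ends outside the hunks.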
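Review bot: In `_service` the `revision` param is `master`, a moving ref, so re-running the service can produce a different tree under the same `0.5.3.git20161120` version and nothing in the package records which commit the shipped tarball was built from. Pinning `revision` to the commit id of the 2016-11-20 snapshot (placeholder: COMMIT_SHA_OF_SNAPSHOT) makes the source reproducible and auditable. The changelog calls this the Debian git version while `url` points at `https://github.com/tblume/w3m.git`; a short XML comment stating how that repository relates to the Debian one would let reviewers verify the CVE fixes listed in the changelog.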
