Bug 228071 - ftp/wget: Update to 1.19.5 (Fixes CVE-2018-0494).
Summary: ftp/wget: Update to 1.19.5 (Fixes CVE-2018-0494).
Status: Closed FIXED
Alias: None
Product: Ports & Packages
Classification: Unclassified
Component: Individual Port(s) (show other bugs)
Version: Latest
Hardware: Any Any
: --- Affects Only Me
Assignee: Vasil Dimov
URL:
Keywords:
Depends on:
Blocks:
 
Reported: 2018-05-08 15:09 UTC by Yasuhiro Kimura
Modified: 2018-05-10 18:54 UTC (History)
0 users

See Also:
bugzilla: maintainer-feedback? (vd)

Attachments
patch file (790 bytes, patch)
2018-05-08 15:09 UTC, Yasuhiro Kimura 		no flags Details | Diff
View All Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description Yasuhiro Kimura freebsd_committer freebsd_triage 2018-05-08 15:09:57 UTC 
Created attachment 193182 [details]
patch file

Update to 1.19.5. It fixes cookie injection vulnerability (CVE-2018-0494).

VuXML entry for CVE-2018-0494 is reported as bug #228070. So please commit it together.
Comment 1 commit-hook freebsd_committer freebsd_triage 2018-05-09 16:19:22 UTC 
A commit references this bug:

Author: vd
Date: Wed May  9 16:18:53 UTC 2018
New revision: 469453
URL: https://svnweb.freebsd.org/changeset/ports/469453

Log:
  ftp/wget: Upgrade from 1.19.4 to 1.19.5

  Changelog: http://git.savannah.gnu.org/cgit/wget.git/plain/NEWS

  PR:		ports/228071
  Reported by:	Yasuhiro KIMURA <yasu@utahime.org>
  MFH:		2018Q2
  Security:	CVE-2018-0494

Changes:
  head/ftp/wget/Makefile
  head/ftp/wget/distinfo
Comment 2 Vasil Dimov freebsd_committer freebsd_triage 2018-05-09 17:31:29 UTC 
Committed, thanks!
Comment 3 commit-hook freebsd_committer freebsd_triage 2018-05-10 18:54:58 UTC 
A commit references this bug:

Author: vd
Date: Thu May 10 18:54:39 UTC 2018
New revision: 469571
URL: https://svnweb.freebsd.org/changeset/ports/469571

Log:
  MFH: r469453

  ftp/wget: Upgrade from 1.19.4 to 1.19.5

  Changelog: http://git.savannah.gnu.org/cgit/wget.git/plain/NEWS

  PR:		ports/228071
  Reported by:	Yasuhiro KIMURA <yasu@utahime.org>
  Security:	CVE-2018-0494

  Approved by:	portmgr (riggs)

Changes:
_U  branches/2018Q2/
  branches/2018Q2/ftp/wget/Makefile
  branches/2018Q2/ftp/wget/distinfo