wget 1.9.1-11 fixes security RC bugs #261755 and #284875

To: debian-release@lists.debian.org
Subject: wget 1.9.1-11 fixes security RC bugs #261755 and #284875
From: Noèl Köthe <noel@debian.org>
Date: Sat, 07 May 2005 09:35:24 +0200
Message-id: <[🔎] 1115451324.9196.4.camel@localhost.localdomain>

Hello,

the 2 security RC bugs were fixed with backported patches from the 1.10
cvs version by the upstream author:

 wget (1.9.1-11) unstable; urgency=high

   * going back to -8 status to have minimal changes to current
     sarge version
   * backported fixes from Hrvoje Niksic/upstream from wget 1.10
     cvs version (thanks alot Hrvoje Niksic!):
     - adds the filtering of control chars
       (closes: Bug#261755)
     - prevents hosts named ".." from writing to ../. and
       prevents "%00" truncating C strings that hold URLs
       (closes: Bug#284875)
   * removed unneeded texi2html build-dep
     (closes: Bug#305425)

Frank Lichtenheld informed me about the missing CAN numbers which I
should add to the changelog but not do an extra upload only for the
numbers:

CAN-2004-1488 (bug #261755)
CAN-2004-1487 (bug #284875)

-- 
Noèl Köthe <noel debian.org>
Debian GNU/Linux, www.debian.org

Attachment: signature.asc
Description: This is a digitally signed message part

Reply to:

Follow-Ups:
- Re: wget 1.9.1-11 fixes security RC bugs #261755 and #284875
  - From: Frank Lichtenheld <djpig@debian.org>

Prev by Date: Re: Bug#306141: NMU for krb4 uploaded
Next by Date: Please consider kernel-package 8.135
Previous by thread: Re: Bug#307122: shlibs incorrect
Next by thread: Re: wget 1.9.1-11 fixes security RC bugs #261755 and #284875
Index(es):
- Date
- Thread