-rw-r--r--UPDATING4
-rw-r--r--sys/conf/newvers.sh2
-rw-r--r--usr.bin/fetch/fetch.c3
3 files changed, 7 insertions, 2 deletions
diff --git a/UPDATING b/UPDATING
index d1f767f41052..1c4e56dbfb64 100644
--- a/UPDATING
+++ b/UPDATING
@@ -8,6 +8,10 @@ Items affecting the ports and packages system can be found in
/usr/ports/UPDATING. Please read that file before running
portupgrade. Important recent entries: 20040724 (default X changes).
+20041118: p1 FreeBSD-SA-04:16.fetch
+ Correct a buffer overflow in fetch(1) which could allow a
+ mallicious server to execute arbitrary code on the client.
+
20041104:
FreeBSD 5.3-RELEASE
diff --git a/sys/conf/newvers.sh b/sys/conf/newvers.sh
index dbcb44857c3b..c96d911929cf 100644
--- a/sys/conf/newvers.sh
+++ b/sys/conf/newvers.sh
@@ -32,7 +32,7 @@
TYPE="FreeBSD"
REVISION="5.3"
-BRANCH="RELEASE"
+BRANCH="RELEASE-p1"
RELEASE="${REVISION}-${BRANCH}"
VERSION="${TYPE} ${RELEASE}"
diff --git a/usr.bin/fetch/fetch.c b/usr.bin/fetch/fetch.c
index 21890fda407d..9b61041a5d19 100644
--- a/usr.bin/fetch/fetch.c
+++ b/usr.bin/fetch/fetch.c
@@ -584,7 +584,8 @@ fetch(char *URL, const char *path)
/* suck in the data */
signal(SIGINFO, sig_handler);
while (!sigint) {
- if (us.size != -1 && us.size - count < B_size)
+ if (us.size != -1 && us.size - count < B_size &&
+ us.size - count >= 0)
size = us.size - count;
else
size = B_size;
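Review bot: The added `us.size - count >= 0` guard carries no comment explaining when the remainder can go negative, so the security-relevant case is easy to lose in a later cleanup. Presumably it is a server delivering more bytes than the size it reported, going by the UPDATING entry. A comment above the `if`, such as `/* remainder is negative if more data arrived than us.size; never use it as a read length */`, would record that. The subtraction now appears three times; computing it once into a local and testing `remaining >= 0 && remaining < B_size` would make the bound easier to audit. In the over-length case the code falls back to `size = B_size` and keeps reading, so whether the size mismatch is reported has to be checked in the part of fetch() that lies outside this hunk.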