|Index||index by Group||index by Distribution||index by Vendor||index by creation date||index by Name||Mirrors||Help||Search|
|Name: wget||Distribution: openSUSE Leap 15.0|
|Version: 1.19.5||Vendor: openSUSE|
|Release: lp150.1.1||Build date: Tue May 15 17:52:02 2018|
|Group: Productivity/Networking/Web/Utilities||Build host: cloud136|
|Size: 2881904||Source RPM: wget-1.19.5-lp150.1.1.src.rpm|
|Summary: A Tool for Mirroring FTP and HTTP Servers|
Wget enables you to retrieve WWW documents or FTP files from a server. This can be done in script files or via the command line.
* Mon May 07 2018 firstname.lastname@example.org - GNU wget 1.19.5: * Fix cookie injection (CVE-2018-0494, bsc#1092061) * Enable TLS1.3 with recent OpenSSL environment * New option --ciphers to set GnuTLS / OpenSSL ciphers directly * Updated CSS grammar to CSS 2.2 * Fixed several memleaks found by OSS-Fuzz * Fixed several buffer overflows found by OSS-Fuzz * Fixed several integer overflows found by OSS-Fuzz * Several minor bug fixes [bsc#1092061, CVE-2018-0494, wget-ignore-void-retvalue.patch] * Fri Feb 16 2018 email@example.com - Original package had sources lzip compressed. Downloaded .gz compressed file including signature file. * Mon Jan 22 2018 firstname.lastname@example.org - GNU wget 1.19.4: * Support for Content-Encoding and Transfer-Encoding have been marked as experimental and disabled by default - includes 1.19.3: * Prevent erroneous decompression of .gz and .tgz files with broken servers * Added support for HTTP 308 Permanent Redirect response * Fix segfault in some cases where the Content-Type header is not sent * Support OpenSSL 1.1 builds without using deprecated features * Several minor bug fixes - switch to lz release (smaller) - cleanup with spec-cleaner * Fri Oct 27 2017 email@example.com - GNU wget 1.19.2: * CVE-2017-13089: Stack overflow in HTTP protocol handling (bsc#1064715) * CVE-2017-13090: Heap overflow in HTTP protocol handling (bsc#1064716) * New option --compression for gzip Content-Encoding * New option --[no]-netrc to control .netrc parsing * Added GNU extensions to .netrc parsing * Improved IDNA 2003 compatibility * Fix VPATH issues * Improved and extended the test suite * Support Wayback Machine's X-Archive-Orig-last-modified * Several bug fixes - drop upstreamed patches: * wget-CVE-2017-6508.patch * wget-416-but-file-not-complete.patch - unfuzz wget-errno-clobber.patch * Thu Sep 21 2017 firstname.lastname@example.org - Retry http GET when server responds with "416 Requested Range Not Satisfiable" but file is not complete. [boo#1058204, wget-416-but-file-not-complete.patch] * Tue Mar 07 2017 email@example.com - src/url.c (url_parse): Reject control characters in host part of URL (CVE-2017-6508, wget-CVE-2017-6508.patch, bsc#1028301) * Thu Feb 16 2017 firstname.lastname@example.org - Update to wget-1.19.1, mainly bug fixes * Add support for --retry-on-http-error * tests/WgetTests.pm: Add --no-config to wget invocation * Fix regression in .netrc auth in src/http.c * Fix memory leak in src/iri.c * Remove skipping libunistring with --disable-iri * bootstrap.conf: Add gnulib module wcwidth * Fix include/define clash with gnulib's unlink module * Sat Feb 04 2017 email@example.com - build with libidn2 to actually support IDNA2008 - FATE#321897 * Fri Feb 03 2017 firstname.lastname@example.org - Update to wget-1.19: * New option --use-askpass=COMMAND. Fetch user/password by calling an external program. * Use IDNA2008 (+ TR46 if available) through libidn2 * When processing a Metalink header, --metalink-index=<number> allows to process the header's application/metalink4+xml files. * When processing a Metalink file, --trust-server-names enables the use of the destination file names specified in the Metalink file, otherwise a safe destination file name is computed. * When processing a Metalink file, enforce a safe destination path. Remove any drive letter prefix under w32, i.e. 'C:D:file'. Call libmetalink's metalink_check_safe_path() to prevent absolute, relative, or home paths: https://tools.ietf.org/html/rfc5854#section-22.214.171.124 https://tools.ietf.org/html/rfc5854#section-126.96.36.199 * When processing a Metalink file, --directory-prefix=<prefix> sets the top of the retrieval tree to prefix for Metalink downloads. * When processing a Metalink file, reject downloaded files which don't agree with their own metalink:size value: https://tools.ietf.org/html/rfc5854#section-4.2.16 * When processing a Metalink file, with --continue resume partially downloaded files and keep fully downloaded files even if they fail the verification. * When processing a Metalink file, create the parent directories of a "path/file" destination file name: https://tools.ietf.org/html/rfc5854#section-188.8.131.52 https://tools.ietf.org/html/rfc5854#section-184.108.40.206 * On a recursive download, append a .tmp suffix to temporary files that will be deleted after being parsed, and create them readable/writable only by the owner. * New make target 'check-valgrind' * Fix several bugs * Fix compatibility issues * Thu Jul 28 2016 email@example.com - Save/restore errno within CLOSE_FINISH and CLOSE_INVALIDATE. (wget-errno-clobber.patch, boo#983660) * Fri Jul 22 2016 firstname.lastname@example.org - Update wget-libproxy.patch: use libproxy's px_proxy_factory_free instead of regular free in order to ensure the module destructors are correctly running (boo#967601). * Thu Jun 09 2016 email@example.com - GNU wget 1.18: * On server redirects to a FTP resource, use the original URL to get the local file name by default. CVE-2016-4971 (boo#984060) This introduces a backward-incompatibility for HTTP->FTP redirects and any script that relies on the old behaviour must use --trust-server-names. * Check the HSTS file is not world-writable before using it. * Parse <img srcset> attributes on a recursive download. * Fix problem with SNI server names having trailing dot(s) * New options --bind-dns-address and --dns-servers. * Convert non-ASCII URIs to the locale's codeset when creating files. Encoding of remote files and URIs is taken from - -remote-encoding, defaulting to UTF-8. The result is that non-ASCII URIs and files downloaded via HTTP/HTTPS and FTP will have names on the local filesystem that correspond to their remote names. - build with gpgme, libcares2 * Sat Dec 12 2015 firstname.lastname@example.org - GNU wget 1.17.1: * Fix compile error when IPv6 is disabled or SSL is not present * Fix HSTS memory leak * Fix progress output in non-C locales * Fix SIGSEGV when -N and --content-disposition are used together * Add --check-certificate=quiet to tell wget to not print any warning about invalid certificates * Wed Nov 18 2015 email@example.com - GNU wget 1.17: * Remove FTP passive to active fallback due to privacy concerns. [boo#944858] CVE-2015-7665 was assigned to this problem in a tails context * Add support for --if-modified-since. * Add support for metalink through --input-metalink and - -metalink-over-http. * Add support for HSTS through --hsts and --hsts-file. * Add option to restrict filenames under VMS. * Add support for --rejected-log which logs to a separate file the reasons why URLs are being rejected and some context around it. * Add support for FTPS. * Do not download/save file on error when --spider enabled * Add --convert-file-only option. This option converts only the filename part of the URLs, leaving the rest of the URLs untouched. - packaging changes: * enable metalink support (in ring1) * use system pcre (in ring 0) * use system libuuid (in ring 1) * build with libpsl for cookie domain checking (new) * Mon Mar 09 2015 firstname.lastname@example.org - GNU wget 1.16.3: * Fix a regression introduced by wget 1.16.2 that --quiet is not really quiet anymore. * Tue Mar 03 2015 email@example.com - GNU wget 1.16.2: * Allow progress bar on stderr when -o is used. * Accept 5-digit port numbers in FTP EPSV responses. * Support older versions of flex. * Updated translations. - drop wget-1.14-openssl-no-intern.patch, now upstream * Wed Dec 24 2014 firstname.lastname@example.org - GNU wget 1.16.1: * Add --enable-assert configure option. * Use pkg-config to check for libraries presence. * Do not limit --secure-protocol=auto|pfs to TLSv1.0. * Add --secure-protocol=TLSv1_1|TLSv1_2 . * Full C89 source code compliance. * Select and use the most secure authentication scheme with HTTP connections. * Fix issues with turkish locales. * Handle 504 Gateway Timeout. * New option --crl-file to load Certificate Revocation Lists. * Add valgrind support to tests suite. * Fix an off-by-one problem in the progress bar (introduced in 1.16). - refresh wget-libproxy.patch * Wed Oct 29 2014 email@example.com - GNU wget 1.16: This release contains a fix for symlink attack which could allow a malicious ftp server to create arbitrary files, directories or symbolic links and set their permissions when retrieving a directory recursively through FTP. [CVE-2014-4877] [boo#902709] * No longer create local symbolic links by default - -retr-symlinks=no option restores previous behaviour * Use libpsl for verifying cookie domains. * Default progress bar output changed. * Introduce --show-progress to force display the progress bar. * Introduce --no-config. The wgetrc files will not be read. * Introduce --start-pos to allow starting downloads from a specified position. * Fix a problem with ISA Server Proxy and keep-alive connections. - refresh wget-libproxy.patch for upstream changes - make some dependencies only required for testsuite optional * Sun Jun 08 2014 firstname.lastname@example.org - Disable the testsuite * Tue Jan 21 2014 email@example.com - Enabled the testsuite - Modified libproxy.patch to include Makefile in tests/ * Sun Jan 19 2014 firstname.lastname@example.org - GNU wget 1.15 * Add support for --method. * Add support for file names longer than MAX_FILE. * Support FTP listing for the FTP Server on Windows Server 2008 R2. * Fix a regression when -c and --content-disposition are used together. * Support shorthand URLs in an input file. * Fix -c with servers that don't specify a content-length. * Add support for MD5-SESS * Do not fail on non fatal GNU TLS alerts during handshake. * Add support for --https-only. When used wget will follow only * HTTPS links in recursive mode. * Support Perfect-Forward Secrecy in --secure-protocol. * Fix a problem with some IRI links that are not followed when contained in a * HTML document. * Support some FTP servers that return an empty list with "LIST -a". * Specify Host with the HTTP CONNECT method. * Use the correct HTTP method on a redirection. - verify source tarball signatures - modified patches: * wget-1.14-openssl-no-intern.patch for upstream changes * wget-fix-pod-syntax.diff for upstream changes * Thu Jun 20 2013 email@example.com - add wget-fix-pod-syntax.diff to fix build with perl 5.18 * Thu May 02 2013 firstname.lastname@example.org - Update to version 1.14 + add support for content-on-error. It allows to store the HTTP payload on 4xx or 5xx errors. + add support for WARC files. + fix a memory leak problem in the GNU TLS backend. + autoreconf works again for distributed tarballs. + print some diagnostic messages to stderr not to stdout. + report stdout close errors. + accept the --report-speed option. + enable client certificates when GNU TLS is used. + add support for TLS Server Name Indication. + accept the arguments --accept-reject and --reject-regex. + the GNU TLS backend honors correctly the timeout value. + add support for RFC 2617 Digest Access Authentication. - Drop patchs obsoleted by upstream + wget-sni.patch + wget-stdio.h.patch - Rebase patchs to work with upstream + wget-openssl-no-intern.patch > wget-1.14-openssl-no-intern.patch + wget-no-ssl-comp.patch > wget-1.14-no-ssl-comp.patch * Thu May 02 2013 email@example.com - add makeinfo BuildRequires to fix build * Fri Apr 05 2013 firstname.lastname@example.org - Add Source URL, see https://en.opensuse.org/SourceUrls * Mon Nov 12 2012 email@example.com - wget-no-ssl-comp.patch: Since the apperance of the "CRIME attack" (CVE-2012-4929) HTTPS clients must not negotatiate ssl compression. * Thu Sep 27 2012 firstname.lastname@example.org - Add wget-openssl-no-intern.patch to Build with OPENSSL_NO_SSL_INTERN, which is openssl's poor man's version of visibility, to avoid breaking applications ABI on library internal changes. * Fri Jul 27 2012 email@example.com - Fix build with missing gets declaration (glibc 2.16) * Wed Mar 21 2012 firstname.lastname@example.org - Adjust wget-libproxy.patch: give debug output only when opt.debug is set to non-zero values, so when -d is specified. Fix bnc#753242. * Fri Dec 02 2011 email@example.com - add automake as buildrequire to avoid implicit dependency * Wed Oct 19 2011 firstname.lastname@example.org - New version: 1.13.4: * Now --timestamping and --continue work well together. * Return a network failure when FTP downloads fail and - -timestamping is specified. * Support HTTP/1.1 * Fix some portability issues. * Handle properly malformed status line in a HTTP response. * Ignore zero length domains in $no_proxy. * Exit with failure if -k is specified and -O is not a regular file. * Cope better with unclosed html tags. * Print diagnostic messages to stderr, not stdout. * Do not use an additional HEAD request when - -content-disposition is used, but use directly GET. * Report the average transfer speed correctly when multiple URLs are specified and -c influences the transferred data amount. * By default, on server redirects, use the original URL to get the local file name. Close CVE-2010-2252. This introduces a backward-incompatibility; any script that relies on the old behaviour must use --trust-server-names. * Fix a problem when -k is used and some URLs are specified trough CSS. * Convert correctly URLs that need to be encoded to local files when following links. * Use persistent connections with proxies supporting them. * Print the total download time as part of the summary for recursive downloads. * Now it is possible to specify a different startup configuration file trough the --config option. * Fix an infinite loop with the error '<filename> has sprung into existence' on a network error and -nc is used. * Now --adjust-extension does not modify the file extension if the file ends in .htm. * Support HTTP/1.1 307 redirects keep request method. * Now --no-parent doesn't fetch undesired files if HTTP and HTTPS are used by the same host on different pages. * Do not attempt to remove the file if it is not in the accept rules but it is the output destination file. * Introduce `show_all_dns_entries' to print all IP addresses corresponding to a DNS name when it is resolved. - Adjuct patches to the new version. - wget-1.12-nosslv2.patch got included upstream. * Sat Oct 15 2011 email@example.com - fix typo in sni patch , in the IPV6 case should be is_valid_ipv6_address() instead of is_valid_ipv4_address() - Add comment to the patch referencing upstream tracker. * Fri Oct 14 2011 firstname.lastname@example.org - Update nosslv2 patch with the version in upstream - Wget now supports SNI (server name indication), patch based on a 2 year old fix submitted to upstream list that somehow fell through the cracks. * Sat Apr 09 2011 email@example.com - SSLv2 is being disabled in openSSL, allow painless obsoletion. - Support IDN. * Sun Aug 15 2010 firstname.lastname@example.org - Update to version 1.12: + SECURITY FIX: It had been possible to trick Wget into accepting SSL certificates that don't match the host name, through the trick of embedding NUL characters into the certs' common name + Added support for CSS. This includes: - Parsing links from CSS files, and from CSS content found in HTML style tags and attributes. - Supporting conversion of links found within CSS content, when - -convert-links is specified. - Ensuring that CSS files end in the ".css" filename extension, when --convert-links is specified. + Added support for Internationalized Resource Identifiers + Wget now provides more sensible exit status codes when downloads don't proceed as expected + --default-page option (and associated wgetrc command) added to support alternative default names for index.html. + --ask-password option (and associated wgetrc command) added to support password prompts at the console. + The --input-file option now also handles retrieving links from an external file. + The output generated by the --version option now includes information on how it was built, and the set of configure-time options that were selected. + --html-extension has been renamed to --adjust-extension, to reflect the fact that it now also applies to CSS content + An "ascii" specifier is now accepted by --restrict-file-names, which forces the percent-encoding of all non-ASCII bytes + Several previously existing, but undocumented .wgetrc options are now documented. - Drop upstream fixed wget-nullcerts.patch. - Minor spec-cleanups using spec-cleaner - Use smp_mflags - Add libproxy-devel BuildRequires and enable libproxy support using wget-libproxy.patch. - Add pkg-config BuildRequire to succeed with the bootstrap on openSUSE < 11.3. * Wed Dec 16 2009 email@example.com - Enable parallel building * Tue Aug 11 2009 firstname.lastname@example.org - Fix vulnerability against SSL certificates with a zero byte in the common name field (wget-nullcerts.patch, bnc#528298).
/etc/wgetrc /usr/bin/wget /usr/share/doc/packages/wget /usr/share/doc/packages/wget/AUTHORS /usr/share/doc/packages/wget/COPYING /usr/share/doc/packages/wget/MAILING-LIST /usr/share/doc/packages/wget/NEWS /usr/share/doc/packages/wget/README /usr/share/doc/packages/wget/rmold.pl /usr/share/doc/packages/wget/sample.wgetrc /usr/share/info/wget.info.gz /usr/share/locale/be/LC_MESSAGES/wget.mo /usr/share/locale/bg/LC_MESSAGES/wget.mo /usr/share/locale/ca/LC_MESSAGES/wget.mo /usr/share/locale/cs/LC_MESSAGES/wget.mo /usr/share/locale/da/LC_MESSAGES/wget.mo /usr/share/locale/de/LC_MESSAGES/wget.mo /usr/share/locale/el/LC_MESSAGES/wget.mo /usr/share/locale/en_GB/LC_MESSAGES/wget.mo /usr/share/locale/eo/LC_MESSAGES/wget.mo /usr/share/locale/es/LC_MESSAGES/wget.mo /usr/share/locale/et/LC_MESSAGES/wget.mo /usr/share/locale/eu/LC_MESSAGES/wget.mo /usr/share/locale/fi/LC_MESSAGES/wget.mo /usr/share/locale/fr/LC_MESSAGES/wget.mo /usr/share/locale/ga/LC_MESSAGES/wget.mo /usr/share/locale/gl/LC_MESSAGES/wget.mo /usr/share/locale/he/LC_MESSAGES/wget.mo /usr/share/locale/hr/LC_MESSAGES/wget.mo /usr/share/locale/hu/LC_MESSAGES/wget.mo /usr/share/locale/id/LC_MESSAGES/wget.mo /usr/share/locale/it/LC_MESSAGES/wget.mo /usr/share/locale/ja/LC_MESSAGES/wget.mo /usr/share/locale/lt/LC_MESSAGES/wget.mo /usr/share/locale/nb/LC_MESSAGES/wget.mo /usr/share/locale/nl/LC_MESSAGES/wget.mo /usr/share/locale/pl/LC_MESSAGES/wget.mo /usr/share/locale/pt/LC_MESSAGES/wget.mo /usr/share/locale/pt_BR/LC_MESSAGES/wget.mo /usr/share/locale/ro/LC_MESSAGES/wget.mo /usr/share/locale/ru/LC_MESSAGES/wget.mo /usr/share/locale/sk/LC_MESSAGES/wget.mo /usr/share/locale/sl/LC_MESSAGES/wget.mo /usr/share/locale/sr/LC_MESSAGES/wget.mo /usr/share/locale/sv/LC_MESSAGES/wget.mo /usr/share/locale/tr/LC_MESSAGES/wget.mo /usr/share/locale/uk/LC_MESSAGES/wget.mo /usr/share/locale/vi/LC_MESSAGES/wget.mo /usr/share/locale/zh_CN/LC_MESSAGES/wget.mo /usr/share/locale/zh_TW/LC_MESSAGES/wget.mo /usr/share/man/man1/wget.1.gz
Generated by rpm2html 1.8.1
Fabrice Bellet, Sat Oct 9 10:07:33 2021