Index index by Group index by Distribution index by Vendor index by creation date index by Name Mirrors Help Search

wget-1.14-12.1 RPM for aarch64

From OpenSuSE Ports Leap 42.3 updates for aarch64

Name: wget Distribution: openSUSE Leap 42.3
Version: 1.14 Vendor: openSUSE
Release: 12.1 Build date: Fri Oct 27 16:25:07 2017
Group: Productivity/Networking/Web/Utilities Build host: armbuild24
Size: 2050291 Source RPM: wget-1.14-12.1.src.rpm
Summary: A Tool for Mirroring FTP and HTTP Servers
Wget enables you to retrieve WWW documents or FTP files from a server.
This can be done in script files or via the command line.






* Tue Oct 24 2017
  - Fixed two stack overflow vulnerabilities if a chunksize is
* Wed Mar 08 2017
  - src/url.c (url_parse): Reject control characters in host part
    of URL
    (CVE-2017-6508, wget-CVE-2017-6508.patch, bsc#1028301)
* Wed Dec 07 2016
  - Added support for TLSv1.1 and TLSv1.2.
    (bsc#1012677, wget-enforce-tls12.patch)
* Thu Oct 20 2016
  - Don't call xfree() on string returned by usr_error()!
    (bsc#1005091, wget-dont-free-dcgettext.patch)
* Wed Aug 31 2016
  - Fixed a potential race condition by creating files with .tmp ext
    and making them accessible to the current user only.
    (bsc#995964, CVE-2016-7098, wget-CVE-2016-7098.patch)
* Wed Jul 27 2016
  - Fix for HTTP to a FTP redirection file name confusion vulnerability
    (bnc#984060, CVE-2016-4971, wget-CVE-2016-4971.patch).
    - Work around a libidn <= 1.30 vulnerability
    (bsc#937096, CVE-2015-2059, wget-CVE-2015-2059.patch).
    - Fix for wget fails with basicauth: Failed writing HTTP request:
    Bad file descriptor
    (bnc#958342, wget-basicauth.patch)
* Mon Nov 03 2014
  - Fix for FTP symlink arbitrary filesystem access
    (bnc#902709, CVE-2014-4877, wget-CVE-2014-4877.patch).
* Thu Jun 20 2013
  - add wget-fix-pod-syntax.diff to fix build with perl 5.18
* Thu May 02 2013
  - Update to version 1.14
    + add support for content-on-error.  It allows to store the HTTP
      payload on 4xx or 5xx errors.
    + add support for WARC files.
    + fix a memory leak problem in the GNU TLS backend.
    + autoreconf works again for distributed tarballs.
    + print some diagnostic messages to stderr not to stdout.
    + report stdout close errors.
    + accept the --report-speed option.
    + enable client certificates when GNU TLS is used.
    + add support for TLS Server Name Indication.
    + accept the arguments --accept-reject and --reject-regex.
    + the GNU TLS backend honors correctly the timeout value.
    + add support for RFC 2617 Digest Access Authentication.
  - Drop patchs obsoleted by upstream
    + wget-sni.patch
    + wget-stdio.h.patch
  - Rebase patchs to work with upstream
    + wget-openssl-no-intern.patch > wget-1.14-openssl-no-intern.patch
    + wget-no-ssl-comp.patch > wget-1.14-no-ssl-comp.patch
* Thu May 02 2013
  - add makeinfo BuildRequires to fix build
* Fri Apr 05 2013
  - Add Source URL, see
* Mon Nov 12 2012
  - wget-no-ssl-comp.patch: Since the apperance of the "CRIME attack"
    (CVE-2012-4929) HTTPS clients must not negotatiate ssl compression.
* Thu Sep 27 2012
  - Add wget-openssl-no-intern.patch to Build with OPENSSL_NO_SSL_INTERN,
    which is openssl's poor man's version of visibility, to avoid breaking
    applications ABI on library internal changes.
* Fri Jul 27 2012
  - Fix build with missing gets declaration (glibc 2.16)
* Wed Mar 21 2012
  - Adjust wget-libproxy.patch: give debug output only when
    opt.debug is set to non-zero values, so when -d is specified.
    Fix bnc#753242.
* Fri Dec 02 2011
  - add automake as buildrequire to avoid implicit dependency
* Wed Oct 19 2011
  - New version: 1.13.4:
    * Now --timestamping and --continue work well together.
    * Return a network failure when FTP downloads fail and
    - -timestamping is specified.
    * Support HTTP/1.1
    * Fix some portability issues.
    * Handle properly malformed status line in a HTTP response.
    * Ignore zero length domains in $no_proxy.
    * Exit with failure if -k is specified and -O is not a regular
    * Cope better with unclosed html tags.
    * Print diagnostic messages to stderr, not stdout.
    * Do not use an additional HEAD request when
    - -content-disposition is used, but use directly GET.
    * Report the average transfer speed correctly when multiple
      URLs are specified and -c influences the transferred data
    * By default, on server redirects, use the original URL to get
      the local file name. Close CVE-2010-2252.  This introduces a
      backward-incompatibility; any script that relies on the old
      behaviour must use --trust-server-names.
    * Fix a problem when -k is used and some URLs are specified
      trough CSS.
    * Convert correctly URLs that need to be encoded to local files
      when following links.
    * Use persistent connections with proxies supporting them.
    * Print the total download time as part of the summary for
      recursive downloads.
    * Now it is possible to specify a different startup
      configuration file trough the --config option.
    * Fix an infinite loop with the error '<filename> has sprung
      into existence' on a network error and -nc is used.
    * Now --adjust-extension does not modify the file extension if
      the file ends in .htm.
    * Support HTTP/1.1 307 redirects keep request method.
    * Now --no-parent doesn't fetch undesired files if HTTP and
      HTTPS are used by the same host on different pages.
    * Do not attempt to remove the file if it is not in the accept
      rules but it is the output destination file.
    * Introduce `show_all_dns_entries' to print all IP addresses
      corresponding to a DNS name when it is resolved.
  - Adjuct patches to the new version.
  - wget-1.12-nosslv2.patch got included upstream.
* Sat Oct 15 2011
  - fix typo in sni patch , in the IPV6 case should be
    is_valid_ipv6_address() instead of is_valid_ipv4_address()
  - Add comment to the patch referencing upstream tracker.
* Fri Oct 14 2011
  -  Update nosslv2 patch with the version in upstream
  -  Wget now supports SNI (server name indication), patch
    based on a 2 year old fix submitted to upstream list
    that somehow fell through the cracks.
* Sat Apr 09 2011
  - SSLv2 is being disabled in openSSL, allow painless obsoletion.
  - Support IDN.
* Sun Aug 15 2010
  - Update to version 1.12:
    + SECURITY FIX: It had been possible to trick Wget into accepting
      SSL certificates that don't match the host name, through the
      trick of embedding NUL characters into the certs' common name
    + Added support for CSS. This includes:
    - Parsing links from CSS files, and from CSS content found in
      HTML style tags and attributes.
    - Supporting conversion of links found within CSS content, when
    - -convert-links is specified.
    - Ensuring that CSS files end in the ".css" filename extension,
      when --convert-links is specified.
    + Added support for Internationalized Resource Identifiers
    + Wget now provides more sensible exit status codes when
      downloads don't proceed as expected
    + --default-page option (and associated wgetrc command) added to
      support alternative default names for index.html.
    + --ask-password option (and associated wgetrc command) added to
      support password prompts at the console.
    + The --input-file option now also handles retrieving links from
      an external file.
    + The output generated by the --version option now includes
      information on how it was built, and the set of configure-time
      options that were selected.
    + --html-extension has been renamed to --adjust-extension, to
      reflect the fact that it now also applies to CSS content
    + An "ascii" specifier is now accepted by --restrict-file-names,
      which forces the percent-encoding of all non-ASCII bytes
    + Several previously existing, but undocumented .wgetrc options
      are now documented.
  - Drop upstream fixed wget-nullcerts.patch.
  - Minor spec-cleanups using spec-cleaner
  - Use smp_mflags
  - Add libproxy-devel BuildRequires and enable libproxy support
    using wget-libproxy.patch.
  - Add pkg-config BuildRequire to succeed with the bootstrap on
    openSUSE < 11.3.
* Wed Dec 16 2009
  - Enable parallel building
* Tue Aug 11 2009
  - Fix vulnerability against SSL certificates with a zero byte in
    the common name field (wget-nullcerts.patch, bnc#528298).



Generated by rpm2html 1.8.1

Fabrice Bellet, Sat Oct 9 10:49:34 2021