summaryrefslogtreecommitdiff
path: root/net/wget
diff options
context:
space:
mode:
authorryoon <ryoon@pkgsrc.org>2017-02-20 12:25:48 +0000
committerryoon <ryoon@pkgsrc.org>2017-02-20 12:25:48 +0000
commitfdeaf771b8356c6c9dde287706bf26546b744df5 (patch)
tree68db250a0ee8eee0bdc5c0a25ebde648e6589bb4 /net/wget
parent45c0368dffac2d8f320ab0c48c5a7e7859baf594 (diff)
downloadpkgsrc-fdeaf771b8356c6c9dde287706bf26546b744df5.tar.gz
Update to 1.19.1
Changelog: * Changes in Wget 1.19.1 * Fix bugs, a regression, portability/build issues * Add new option --retry-on-http-error * Changes in Wget 1.19 * New option --use-askpass=COMMAND. Fetch user/password by calling an external program. * Use IDNA2008 (+ TR46 if available) through libidn2 * When processing a Metalink header, --metalink-index=<number> allows to process the header's application/metalink4+xml files. * When processing a Metalink file, --trust-server-names enables the use of the destination file names specified in the Metalink file, otherwise a safe destination file name is computed. * When processing a Metalink file, enforce a safe destination path. Remove any drive letter prefix under w32, i.e. 'C:D:file'. Call libmetalink's metalink_check_safe_path() to prevent absolute, relative, or home paths: https://tools.ietf.org/html/rfc5854#section-4.1.2.1 https://tools.ietf.org/html/rfc5854#section-4.2.8.3 * When processing a Metalink file, --directory-prefix=<prefix> sets the top of the retrieval tree to prefix for Metalink downloads. * When processing a Metalink file, reject downloaded files which don't agree with their own metalink:size value: https://tools.ietf.org/html/rfc5854#section-4.2.16 * When processing a Metalink file, with --continue resume partially downloaded files and keep fully downloaded files even if they fail the verification. * When processing a Metalink file, create the parent directories of a "path/file" destination file name: https://tools.ietf.org/html/rfc5854#section-4.1.2.1 https://tools.ietf.org/html/rfc5854#section-4.2.8.3 * On a recursive download, append a .tmp suffix to temporary files that will be deleted after being parsed, and create them readable/writable only by the owner. * New make target 'check-valgrind' * Fix several bugs * Fix compatibility issues
Diffstat (limited to 'net/wget')
-rw-r--r--net/wget/Makefile5
-rw-r--r--net/wget/distinfo12
-rw-r--r--net/wget/patches/patch-CVE-2016-709856
-rw-r--r--net/wget/patches/patch-configure15
4 files changed, 7 insertions, 81 deletions
diff --git a/net/wget/Makefile b/net/wget/Makefile
index 79b3564c018..98b4ac2fe86 100644
--- a/net/wget/Makefile
+++ b/net/wget/Makefile
@@ -1,7 +1,6 @@
-# $NetBSD: Makefile,v 1.133 2016/10/30 20:55:39 spz Exp $
+# $NetBSD: Makefile,v 1.134 2017/02/20 12:25:48 ryoon Exp $
-DISTNAME= wget-1.18
-PKGREVISION= 3
+DISTNAME= wget-1.19.1
CATEGORIES= net
MASTER_SITES= ${MASTER_SITE_GNU:=wget/}
EXTRACT_SUFX= .tar.xz
diff --git a/net/wget/distinfo b/net/wget/distinfo
index f14db4a83ef..c263e9daa57 100644
--- a/net/wget/distinfo
+++ b/net/wget/distinfo
@@ -1,9 +1,7 @@
-$NetBSD: distinfo,v 1.52 2016/10/30 20:55:39 spz Exp $
+$NetBSD: distinfo,v 1.53 2017/02/20 12:25:48 ryoon Exp $
-SHA1 (wget-1.18.tar.xz) = 02d451e658f600ee519c42cbf4d3bfe4e49b6c4f
-RMD160 (wget-1.18.tar.xz) = 4fdf9c523b434050eeccfbd14b98c90c591d7ce4
-SHA512 (wget-1.18.tar.xz) = a3f6fe2f44a8d797659d55cffaf81eb82b770c96222a0ee29bc4931b13846f8d8b9a07806f2197723c873a1248922d59cca5a81869661d9c6c3107447c184338
-Size (wget-1.18.tar.xz) = 1922376 bytes
-SHA1 (patch-CVE-2016-7098) = fa6c96a24590c191440ae91f76e5c10e8db84d4b
-SHA1 (patch-configure) = 4d65f3e3c4d60174442aa1b75b64b7511bbc6497
+SHA1 (wget-1.19.1.tar.xz) = cde25e99c144191644406793cbd1c69c102c6970
+RMD160 (wget-1.19.1.tar.xz) = 158d759b81c0893cc9c83e4beabb104f4987f6dd
+SHA512 (wget-1.19.1.tar.xz) = 00864d225439bcb7c5af01d7ef19efa615427812d3320ab3f4c8f62c38191e837b1392397843f935d7dc5860a4d0ce89ee31f2730c4a729402f1f2bf3e5f64e5
+Size (wget-1.19.1.tar.xz) = 2111756 bytes
SHA1 (patch-doc_wget.texi) = 6db25b3500ff4617b5ade34d9013b1f9876104f8
diff --git a/net/wget/patches/patch-CVE-2016-7098 b/net/wget/patches/patch-CVE-2016-7098
deleted file mode 100644
index 0875be0c908..00000000000
--- a/net/wget/patches/patch-CVE-2016-7098
+++ /dev/null
@@ -1,56 +0,0 @@
-patch for CVE-2016-7098 from
-http://git.savannah.gnu.org/cgit/wget.git/commit/?id=9ffb64ba6a8121909b01e984deddce8d096c498d
-http://git.savannah.gnu.org/cgit/wget.git/commit/?id=690c47e3b18c099843cdf557a0425d701fca4957
-(only the compilable parts)
-
---- src/http.c.orig 2016-06-09 16:10:14.000000000 +0000
-+++ src/http.c 2016-10-27 20:02:46.000000000 +0000
-@@ -39,6 +39,7 @@ as that of the covered work. */
- #include <errno.h>
- #include <time.h>
- #include <locale.h>
-+#include <fcntl.h>
-
- #include "hash.h"
- #include "http.h"
-@@ -1564,6 +1565,7 @@ struct http_stat
- #ifdef HAVE_METALINK
- metalink_t *metalink;
- #endif
-+ bool temporary; /* downloading a temporary file */
- };
-
- static void
-@@ -2254,6 +2256,15 @@ check_file_output (struct url *u, struct
- xfree (local_file);
- }
-
-+ hs->temporary = opt.delete_after || opt.spider || !acceptable (hs->local_file);
-+ if (hs->temporary)
-+ {
-+ char *tmp = NULL;
-+ asprintf (&tmp, "%s.tmp", hs->local_file);
-+ xfree (hs->local_file);
-+ hs->local_file = tmp;
-+ }
-+
- /* TODO: perform this check only once. */
- if (!hs->existence_checked && file_exists_p (hs->local_file))
- {
-@@ -2467,7 +2478,15 @@ open_output_stream (struct http_stat *hs
- open_id = 22;
- *fp = fopen (hs->local_file, "wb", FOPEN_OPT_ARGS);
- #else /* def __VMS */
-- *fp = fopen (hs->local_file, "wb");
-+ if (hs->temporary)
-+ {
-+ *fp = fdopen (open (hs->local_file, O_BINARY | O_CREAT | O_TRUNC | O_WRONLY, S_IRUSR | S_IWUSR), "wb");
-+ }
-+ else
-+ {
-+ *fp = fopen (hs->local_file, "wb");
-+ }
-+
- #endif /* def __VMS [else] */
- }
- else
diff --git a/net/wget/patches/patch-configure b/net/wget/patches/patch-configure
deleted file mode 100644
index f4d23ba4f70..00000000000
--- a/net/wget/patches/patch-configure
+++ /dev/null
@@ -1,15 +0,0 @@
-$NetBSD: patch-configure,v 1.1 2016/06/11 18:33:22 wiz Exp $
-
-Fix unportable test(1) operator.
-
---- configure.orig 2016-06-09 16:12:51.000000000 +0000
-+++ configure
-@@ -40378,7 +40378,7 @@ fi
- fi
-
-
--if test "X$with_cares" == "Xyes"; then :
-+if test "X$with_cares" = "Xyes"; then :
-
-
- pkg_failed=no