diff options
author | ryoon <ryoon@pkgsrc.org> | 2017-02-20 12:25:48 +0000 |
---|---|---|
committer | ryoon <ryoon@pkgsrc.org> | 2017-02-20 12:25:48 +0000 |
commit | fdeaf771b8356c6c9dde287706bf26546b744df5 (patch) | |
tree | 68db250a0ee8eee0bdc5c0a25ebde648e6589bb4 /net/wget | |
parent | 45c0368dffac2d8f320ab0c48c5a7e7859baf594 (diff) | |
download | pkgsrc-fdeaf771b8356c6c9dde287706bf26546b744df5.tar.gz |
Update to 1.19.1
Changelog:
* Changes in Wget 1.19.1
* Fix bugs, a regression, portability/build issues
* Add new option --retry-on-http-error
* Changes in Wget 1.19
* New option --use-askpass=COMMAND. Fetch user/password by calling
an external program.
* Use IDNA2008 (+ TR46 if available) through libidn2
* When processing a Metalink header, --metalink-index=<number> allows
to process the header's application/metalink4+xml files.
* When processing a Metalink file, --trust-server-names enables the
use of the destination file names specified in the Metalink file,
otherwise a safe destination file name is computed.
* When processing a Metalink file, enforce a safe destination path.
Remove any drive letter prefix under w32, i.e. 'C:D:file'. Call
libmetalink's metalink_check_safe_path() to prevent absolute,
relative, or home paths:
https://tools.ietf.org/html/rfc5854#section-4.1.2.1
https://tools.ietf.org/html/rfc5854#section-4.2.8.3
* When processing a Metalink file, --directory-prefix=<prefix> sets
the top of the retrieval tree to prefix for Metalink downloads.
* When processing a Metalink file, reject downloaded files which don't
agree with their own metalink:size value:
https://tools.ietf.org/html/rfc5854#section-4.2.16
* When processing a Metalink file, with --continue resume partially
downloaded files and keep fully downloaded files even if they fail
the verification.
* When processing a Metalink file, create the parent directories of a
"path/file" destination file name:
https://tools.ietf.org/html/rfc5854#section-4.1.2.1
https://tools.ietf.org/html/rfc5854#section-4.2.8.3
* On a recursive download, append a .tmp suffix to temporary files
that will be deleted after being parsed, and create them
readable/writable only by the owner.
* New make target 'check-valgrind'
* Fix several bugs
* Fix compatibility issues
Diffstat (limited to 'net/wget')
-rw-r--r-- | net/wget/Makefile | 5 | ||||
-rw-r--r-- | net/wget/distinfo | 12 | ||||
-rw-r--r-- | net/wget/patches/patch-CVE-2016-7098 | 56 | ||||
-rw-r--r-- | net/wget/patches/patch-configure | 15 |
4 files changed, 7 insertions, 81 deletions
diff --git a/net/wget/Makefile b/net/wget/Makefile index 79b3564c018..98b4ac2fe86 100644 --- a/net/wget/Makefile +++ b/net/wget/Makefile @@ -1,7 +1,6 @@ -# $NetBSD: Makefile,v 1.133 2016/10/30 20:55:39 spz Exp $ +# $NetBSD: Makefile,v 1.134 2017/02/20 12:25:48 ryoon Exp $ -DISTNAME= wget-1.18 -PKGREVISION= 3 +DISTNAME= wget-1.19.1 CATEGORIES= net MASTER_SITES= ${MASTER_SITE_GNU:=wget/} EXTRACT_SUFX= .tar.xz diff --git a/net/wget/distinfo b/net/wget/distinfo index f14db4a83ef..c263e9daa57 100644 --- a/net/wget/distinfo +++ b/net/wget/distinfo @@ -1,9 +1,7 @@ -$NetBSD: distinfo,v 1.52 2016/10/30 20:55:39 spz Exp $ +$NetBSD: distinfo,v 1.53 2017/02/20 12:25:48 ryoon Exp $ -SHA1 (wget-1.18.tar.xz) = 02d451e658f600ee519c42cbf4d3bfe4e49b6c4f -RMD160 (wget-1.18.tar.xz) = 4fdf9c523b434050eeccfbd14b98c90c591d7ce4 -SHA512 (wget-1.18.tar.xz) = a3f6fe2f44a8d797659d55cffaf81eb82b770c96222a0ee29bc4931b13846f8d8b9a07806f2197723c873a1248922d59cca5a81869661d9c6c3107447c184338 -Size (wget-1.18.tar.xz) = 1922376 bytes -SHA1 (patch-CVE-2016-7098) = fa6c96a24590c191440ae91f76e5c10e8db84d4b -SHA1 (patch-configure) = 4d65f3e3c4d60174442aa1b75b64b7511bbc6497 +SHA1 (wget-1.19.1.tar.xz) = cde25e99c144191644406793cbd1c69c102c6970 +RMD160 (wget-1.19.1.tar.xz) = 158d759b81c0893cc9c83e4beabb104f4987f6dd +SHA512 (wget-1.19.1.tar.xz) = 00864d225439bcb7c5af01d7ef19efa615427812d3320ab3f4c8f62c38191e837b1392397843f935d7dc5860a4d0ce89ee31f2730c4a729402f1f2bf3e5f64e5 +Size (wget-1.19.1.tar.xz) = 2111756 bytes SHA1 (patch-doc_wget.texi) = 6db25b3500ff4617b5ade34d9013b1f9876104f8 diff --git a/net/wget/patches/patch-CVE-2016-7098 b/net/wget/patches/patch-CVE-2016-7098 deleted file mode 100644 index 0875be0c908..00000000000 --- a/net/wget/patches/patch-CVE-2016-7098 +++ /dev/null @@ -1,56 +0,0 @@ -patch for CVE-2016-7098 from -http://git.savannah.gnu.org/cgit/wget.git/commit/?id=9ffb64ba6a8121909b01e984deddce8d096c498d -http://git.savannah.gnu.org/cgit/wget.git/commit/?id=690c47e3b18c099843cdf557a0425d701fca4957 -(only the compilable parts) - ---- src/http.c.orig 2016-06-09 16:10:14.000000000 +0000 -+++ src/http.c 2016-10-27 20:02:46.000000000 +0000 -@@ -39,6 +39,7 @@ as that of the covered work. */ - #include <errno.h> - #include <time.h> - #include <locale.h> -+#include <fcntl.h> - - #include "hash.h" - #include "http.h" -@@ -1564,6 +1565,7 @@ struct http_stat - #ifdef HAVE_METALINK - metalink_t *metalink; - #endif -+ bool temporary; /* downloading a temporary file */ - }; - - static void -@@ -2254,6 +2256,15 @@ check_file_output (struct url *u, struct - xfree (local_file); - } - -+ hs->temporary = opt.delete_after || opt.spider || !acceptable (hs->local_file); -+ if (hs->temporary) -+ { -+ char *tmp = NULL; -+ asprintf (&tmp, "%s.tmp", hs->local_file); -+ xfree (hs->local_file); -+ hs->local_file = tmp; -+ } -+ - /* TODO: perform this check only once. */ - if (!hs->existence_checked && file_exists_p (hs->local_file)) - { -@@ -2467,7 +2478,15 @@ open_output_stream (struct http_stat *hs - open_id = 22; - *fp = fopen (hs->local_file, "wb", FOPEN_OPT_ARGS); - #else /* def __VMS */ -- *fp = fopen (hs->local_file, "wb"); -+ if (hs->temporary) -+ { -+ *fp = fdopen (open (hs->local_file, O_BINARY | O_CREAT | O_TRUNC | O_WRONLY, S_IRUSR | S_IWUSR), "wb"); -+ } -+ else -+ { -+ *fp = fopen (hs->local_file, "wb"); -+ } -+ - #endif /* def __VMS [else] */ - } - else diff --git a/net/wget/patches/patch-configure b/net/wget/patches/patch-configure deleted file mode 100644 index f4d23ba4f70..00000000000 --- a/net/wget/patches/patch-configure +++ /dev/null @@ -1,15 +0,0 @@ -$NetBSD: patch-configure,v 1.1 2016/06/11 18:33:22 wiz Exp $ - -Fix unportable test(1) operator. - ---- configure.orig 2016-06-09 16:12:51.000000000 +0000 -+++ configure -@@ -40378,7 +40378,7 @@ fi - fi - - --if test "X$with_cares" == "Xyes"; then : -+if test "X$with_cares" = "Xyes"; then : - - - pkg_failed=no |