| Age | Commit message (Collapse) | Author | Files | Lines |
|---|
|
|
|
|
|
* Noteworthy changes in release 1.21.3 (2022-02-26)
** Fix computation of total bytes downloaded during FTP trasnfers (#61277)
** Add option to select TLS 1.3 on the command line
** Fix HSTS build issues on some 64-bit big-endian systems
** Hide password during status report in --no-verbose
** Remove a sprurious print statement that showed up even during --quiet
** Some more cleanups and bug-fixes
|
|
|
|
All checksums have been double-checked against existing RMD160 and
SHA512 hashes
Not committed (merge conflicts...):
net/radsecproxy/distinfo
The following distfiles could not be fetched (fetched conditionally?):
./net/citrix_ica/distinfo citrix_ica-10.6.115659/en.linuxx86.tar.gz
./net/djbdns/distinfo dnscache-1.05-multiple-ip.patch
./net/djbdns/distinfo djbdns-1.05-test28.diff.xz
./net/djbdns/distinfo djbdns-1.05-ignoreip2.patch
./net/djbdns/distinfo djbdns-1.05-multiip.diff
./net/djbdns/distinfo djbdns-cachestats.patch
|
|
|
|
|
|
|
|
* Noteworthy changes in release 1.21.2 (2021-09-07)
** Support for autoconf 2.71
** Fix a double free in FTP when using an absolute path
** Release tarballs no longer have a dependency on Python.
** --page-requisites will now also download links marked as "alternate
stylesheet" or "icon"
|
|
|
|
|
|
build-tested on CentOS 7 and Tribblix m24.
|
|
Changelog:
* Noteworthy changes in release 1.21.1 (2021-01-09)
** Fix compilation on MacOS and Solaris 9
** Resove bashism from configure.ac
** Fix a compilation warning on 32-bit systems
|
|
PKG_OPTIONS_OPTIONAL_GROUPS and allow building with neither.
The default remains openssl.
|
|
|
|
|
|
* Changes in Wget 1.21
** Improve the number of translated strings
** Remove all uses of alloca
In some places the length of untrusted strings has been used, e.g.
strings from the command line or from remote.
** Fix buffer overflows in progress bar code in some locales
** Fix two null pointer accesses
** Amend cookie file header to be recognized by the 'file' command
** Post Handshake Authentication for OpenSSL
** Require gettext version 0.19.3+
** Add configure flags --enable-fsanitize-ubsan, --enable-fsanitize-asan
and --enable-fsanitize-msan for gcc and clang
** Make several smaller fixes, enhance fuzzing, enhance building
|
|
|
|
|
|
|
|
|
|
|
|
|
|
pkglint --only "https instead of http" -r -F
With manual adjustments afterwards since pkglint 19.4.4 fixed a few
indentations in unrelated lines.
This mainly affects projects hosted at SourceForce, as well as
freedesktop.org, CTAN and GNU.
|
|
|
|
OpenSSL 1.1.1d no longer ships des_old.h, and the time for this being
necessary appears to be behind us.
|
|
pkglint -Wall -F --only aligned --only indent -r
No manual corrections.
|
|
|
|
|
|
Backport upstream commit 14e3712b8c39165219fa227bd11f6feae7b09a33
to fix https:// handling when openssl.cnf file is not found.
PKGREVISION++
|
|
It appears that the buffer overflow issue referred to is the same in
both 1.20.2 and 1.20.3 (they had to fix the fix).
Upstream changelog:
* Changes in Wget 1.20.3
** Fixed a buffer overflow vulnerability
* Changes in Wget 1.20.2
** NTLM authentication will retry under certain cases
** Fixed a buffer overflow vulnerability
|
|
|
|
Upstream changelog:
* Changes in Wget 1.20.1
** --xattr is no longer default since it introduces privacy issues.
** --xattr saves the Referer as scheme/host/port, user/pw/path/query/fragment
are no longer saved to prevent privacy issues.
** --xattr saves the Original URL without user/password to prevent
privacy issues.
* Changes in Wget 1.20
** Add new option `--retry-on-host-error` to treat local errors as
transient and hence Wget will retry to download the file after
a brief waiting period.
** Fixed multiple potential resource leaks as found by static analysis
** Wget will now not create an empty wget-log file when running with
-q and -b switches together
** When compiled using the GnuTLS >= 3.6.3, Wget now has support for TLSv1.3
** Now there is support for using libpcre2 for regex pattern matching
** When downloading over FTP recursively, one can now use the
--{accept,reject}-regex switches to fine-tune the downloaded files
** Building Wget from the git sources now requires autoconf 2.63 or above.
Building from the Tarballs works as it used to.
|
|
|
|
Enabling the PSL is a good thing for security and privacy, as it protects
against all sorts of cookie shenanigans.
Bump revision.
|
|
|
|
This improves privacy by restricting cookies to a well-known list of
public suffixes.
We can consider turning that option on by default in the future.
Fixes PR pkg/53459.
|
|
* Changes in Wget 1.19.5
* Fix cookie injection (CVE-2018-0494)
* Enable TLS1.3 with recent OpenSSL environment
* New option --ciphers to set GnuTLS / OpenSSL ciphers directly
* Updated CSS grammar to CSS 2.2
* Fixed several memleaks found by OSS-Fuzz
* Fixed several buffer overflows found by OSS-Fuzz
* Fixed several integer overflows found by OSS-Fuzz
* Several minor bug fixes
* Changes in Wget 1.19.4
* A major bug that caused GZip'ed pages to never be decompressed has been fixed
* Support for Content-Encoding and Transfer-Encoding have been marked as
experimental and disabled by default
* Changes in Wget 1.19.3
* Prevent erroneous decompression of .gz and .tgz files with broken servers
* Added support for HTTP 308 Permanent Redirect response
* Fix a segfault in some cases where the Content-Type header is not sent
* Support OpenSSL 1.1 builds without using deprecated features
* Fix netrc file detection on Windows
* Several minor bug fixes
|
|
|
|
* Changes in Wget 1.19.2
* Fix CVE-2017-13089 (Stack overflow in HTTP protocol handling)
* Fix CVE-2017-13090 (Heap overflow in HTTP protocol handling)
* New option --compression for gzip Content-Encoding
* New option --[no]-netrc to control .netrc parsing
* Added GNU extensions to .netrc parsing
* Improved IDNA 2003 compatibility
* Fix VPATH issues
* Improved and extended the test suite
* Support Wayback Machine's X-Archive-Orig-last-modified
* Several bug fixes
|
|
Since wget-1.19, libidn2 is needed for the IDN/IRIs support. Adjust
the `idn' package option logic to reflect that and explicitly ask
for it via CONFIGURE_ARGS. This should also fix the build without
the `idn' option selected pointed out by john heasley via PR pkg/52726.
Bump PKGREVISION
|
|
|
|
|
|
Changelog:
* Changes in Wget 1.19.1
* Fix bugs, a regression, portability/build issues
* Add new option --retry-on-http-error
* Changes in Wget 1.19
* New option --use-askpass=COMMAND. Fetch user/password by calling
an external program.
* Use IDNA2008 (+ TR46 if available) through libidn2
* When processing a Metalink header, --metalink-index=<number> allows
to process the header's application/metalink4+xml files.
* When processing a Metalink file, --trust-server-names enables the
use of the destination file names specified in the Metalink file,
otherwise a safe destination file name is computed.
* When processing a Metalink file, enforce a safe destination path.
Remove any drive letter prefix under w32, i.e. 'C:D:file'. Call
libmetalink's metalink_check_safe_path() to prevent absolute,
relative, or home paths:
https://tools.ietf.org/html/rfc5854#section-4.1.2.1
https://tools.ietf.org/html/rfc5854#section-4.2.8.3
* When processing a Metalink file, --directory-prefix=<prefix> sets
the top of the retrieval tree to prefix for Metalink downloads.
* When processing a Metalink file, reject downloaded files which don't
agree with their own metalink:size value:
https://tools.ietf.org/html/rfc5854#section-4.2.16
* When processing a Metalink file, with --continue resume partially
downloaded files and keep fully downloaded files even if they fail
the verification.
* When processing a Metalink file, create the parent directories of a
"path/file" destination file name:
https://tools.ietf.org/html/rfc5854#section-4.1.2.1
https://tools.ietf.org/html/rfc5854#section-4.2.8.3
* On a recursive download, append a .tmp suffix to temporary files
that will be deleted after being parsed, and create them
readable/writable only by the owner.
* New make target 'check-valgrind'
* Fix several bugs
* Fix compatibility issues
|
|
|
|
|
|
|
|
* Changes in Wget 1.18
* By default, on server redirects to a FTP resource, use the original
URL to get the local file name. Close CVE-2016-4971. This
introduces a backward-incompatibility for HTTP->FTP redirects and
any script that relies on the old behaviour must use
--trust-server-names.
* Check the HSTS file is not world-writable before using it.
* Parse <img srcset> attributes on a recursive download.
* Fix problem with SNI server names having trailing dot(s)
* New options --bind-dns-address and --dns-servers.
* When Wget is built with libiconv, it now converts non-ASCII URIs to
the locale's codeset when it creates files. The encoding of the
remote files and URIs is taken from --remote-encoding, defaulting to
UTF-8. The result is that non-ASCII URIs and files downloaded via
HTTP/HTTPS and FTP will have names on the local filesystem that
correspond to their remote names.
|
|
|
|
* Changes in Wget 1.17.1
* Fix compile error when IPv6 is disabled or SSL is not present.
* Fix HSTS memory leak.
* Fix progress output in non-C locales.
* Fix SIGSEGV when -N and --content-disposition are used together.
* Add --check-certificate=quiet to tell wget to not print any warning about
invalid certificates.
|
