Hello community, here is the log from the commit of package wget for openSUSE:Leap:15.2 checked in at 2020-04-14 14:18:47 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Leap:15.2/wget (Old) and /work/SRC/openSUSE:Leap:15.2/.wget.new.3248 (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "wget" Tue Apr 14 14:18:47 2020 rev:34 rq:792904 version:1.20.3 Changes: -------- --- /work/SRC/openSUSE:Leap:15.2/wget/wget.changes 2020-01-15 16:29:09.352778205 +0100 +++ /work/SRC/openSUSE:Leap:15.2/.wget.new.3248/wget.changes 2020-04-14 14:18:48.769177388 +0200 @@ -2 +2 @@ -Fri Apr 5 12:45:48 UTC 2019 - [email protected] +Thu Mar 12 14:53:52 UTC 2020 - Paolo Stivanin <[email protected]> @@ -4,3 +4,2 @@ -- Fixed a buffer overflow vulnerability - [bsc#1131493, CVE-2019-5953, - wget-buffer-overflow-CVE-2019-5953.patch] +- split lang files into separate lang package +- add remove-env-from-shebang.patch @@ -9 +8 @@ -Wed Jan 9 10:47:12 UTC 2019 - [email protected] +Fri Apr 5 14:57:54 UTC 2019 - [email protected] @@ -11,3 +10,50 @@ -- Do not store sensitive data in a d/l-ed file's metadata - [ bad-metadata-CVE-2018-20483.patch, CVE-2018-20483, - bsc#1120382 ] +- Upgrade to GNU wget 1.20.3: + * Finally fixed the buffer overflow vulnerability + * obsoletes patch wget-buffer-overflow-CVE-2019-5953.patch + [bsc#1131493, CVE-2019-5953] + +------------------------------------------------------------------- +Wed Apr 03 05:07:33 UTC 2019 - [email protected] + +- GNU wget 1.20.2: + * NTLM authentication will retry under certain cases + * Fixed a buffer overflow vulnerability + +------------------------------------------------------------------- +Fri Jan 11 15:49:59 UTC 2019 - Martin Pluskal <[email protected]> + +- Use pcre2 +- Make building more verbose + +------------------------------------------------------------------- +Fri Dec 28 20:51:04 UTC 2018 - [email protected] + +- GNU wget 1.20.1: + * --xattr is no longer default since it introduces privacy issues + * --xattr saves the Referer as scheme/host/port, + user/pw/path/query/fragment are no longer saved to prevent + privacy issues + * --xattr saves the Original URL without user/password to prevent + privacy issues + * all of the above fix CVE-2018-20483 (bsc#1120382) + +------------------------------------------------------------------- +Fri Nov 30 14:02:43 UTC 2018 - [email protected] + +- Version update to 1.20: + * Add new option `--retry-on-host-error` to treat local errors as + transient and hence Wget will retry to download the file after + a brief waiting period. + * multiple potential resource leaks as found by static analysis. + * Wget will now not create an empty wget-log file when running + with -q and -b. switches together + * When compiled using the GnuTLS = 3.6.3, Wget now has support + for TLSv1.3. + * Now there is support for using libpcre2 for regex pattern + matching. + * When downloading over FTP recursively, one can now use the + --accept,reject -regex switches to fine-tune the downloaded + files. + * Building Wget from the git sources now requires autoconf 2.63 + or above. Building from the Tarballs works as it used to. + [bsc#1167919, wget-ignore-void-retvalue.patch] Old: ---- bad-metadata-CVE-2018-20483.patch wget-1.19.5.tar.gz wget-1.19.5.tar.gz.sig wget-buffer-overflow-CVE-2019-5953.patch wget-ignore-void-retvalue.patch New: ---- remove-env-from-shebang.patch wget-1.20.3.tar.gz wget-1.20.3.tar.gz.sig ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ wget.spec ++++++ --- /var/tmp/diff_new_pack.uwiWcQ/_old 2020-04-14 14:18:49.261177755 +0200 +++ /var/tmp/diff_new_pack.uwiWcQ/_new 2020-04-14 14:18:49.261177755 +0200 @@ -1,7 +1,7 @@ # # spec file for package wget # -# Copyright (c) 2018 SUSE LINUX Products GmbH, Nuernberg, Germany. +# Copyright (c) 2020 SUSE LLC # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed @@ -12,18 +12,18 @@ # license that conforms to the Open Source Definition (Version 1.9) # published by the Open Source Initiative. -# Please submit bugfixes or comments via http://bugs.opensuse.org/ +# Please submit bugfixes or comments via https://bugs.opensuse.org/ # %bcond_with regression_tests Name: wget -Version: 1.19.5 +Version: 1.20.3 Release: 0 Summary: A Tool for Mirroring FTP and HTTP Servers -License: GPL-3.0+ +License: GPL-3.0-or-later Group: Productivity/Networking/Web/Utilities -Url: https://www.gnu.org/software/wget/ +URL: https://www.gnu.org/software/wget/ Source: https://ftp.gnu.org/gnu/wget/%{name}-%{version}.tar.gz Source1: https://ftp.gnu.org/gnu/wget/%{name}-%{version}.tar.gz.sig Source2: https://savannah.gnu.org/project/memberlist-gpgkeys.php?group=wget&download=1#/wget.keyring @@ -33,9 +33,7 @@ # PATCH-FIX-OPENSUSE fix pod syntax for perl 5.18 [email protected] Patch7: wget-fix-pod-syntax.diff Patch8: wget-errno-clobber.patch -Patch9: wget-ignore-void-retvalue.patch -Patch10: bad-metadata-CVE-2018-20483.patch -Patch11: wget-buffer-overflow-CVE-2019-5953.patch +Patch9: remove-env-from-shebang.patch BuildRequires: automake BuildRequires: gpgme-devel >= 0.4.2 BuildRequires: libcares-devel @@ -49,7 +47,7 @@ %if %{?suse_version} > 1110 BuildRequires: pkgconfig BuildRequires: pkgconfig(libmetalink) -BuildRequires: pkgconfig(libpcre) +BuildRequires: pkgconfig(libpcre2-8) BuildRequires: pkgconfig(libpsl) BuildRequires: pkgconfig(uuid) %else @@ -71,9 +69,11 @@ Wget enables you to retrieve WWW documents or FTP files from a server. This can be done in script files or via the command line. +%lang_package + %prep %setup -q -%patch0 +%patch0 -p1 %if 0%{?suse_version} > 1110 %patch1 -p1 %endif @@ -81,8 +81,6 @@ %patch7 -p1 %patch8 -p1 %patch9 -p1 -%patch10 -p1 -%patch11 -p1 %build %if 0%{?suse_version} > 1110 @@ -93,16 +91,17 @@ --with-ssl=openssl \ --with-cares \ --with-metalink -make %{?_smp_mflags} +%make_build +sed -i 's/\/usr\/bin\/env perl -w/\/usr\/bin\/perl -w/' util/rmold.pl %check %if %{with regression_tests} -make %{?_smp_mflags} -C tests/ check +%make_build -C tests/ check %endif %install %make_install -%find_lang %{name} +%find_lang %{name} %{?no_lang_C} %post %install_info --info-dir=%{_infodir} %{_infodir}/%{name}.info.gz @@ -110,12 +109,15 @@ %postun %install_info_delete --info-dir=%{_infodir} %{_infodir}/%{name}.info.gz -%files -f %{name}.lang -%doc AUTHORS COPYING NEWS README MAILING-LIST +%files +%license COPYING +%doc AUTHORS NEWS README MAILING-LIST %doc doc/sample.wgetrc util/rmold.pl %{_mandir}/*/wget* %{_infodir}/wget* %config(noreplace) %{_sysconfdir}/wgetrc %{_bindir}/* +%files lang -f %{name}.lang + %changelog ++++++ remove-env-from-shebang.patch ++++++ --- a/util/rmold.pl.orig 2020-03-12 16:35:43.520481987 +0100 +++ b/util/rmold.pl 2020-03-12 16:35:49.244490296 +0100 @@ -1,4 +1,4 @@ -#!/usr/bin/env perl -w +#!/usr/bin/perl -w # Copyright (C) 1995-1997, 2007-2011, 2015, 2018-2019 Free Software # Foundation, Inc. ++++++ wget-1.19.5.tar.gz -> wget-1.20.3.tar.gz ++++++ ++++ 201551 lines of diff (skipped) ++++++ wget-libproxy.patch ++++++ --- /var/tmp/diff_new_pack.uwiWcQ/_old 2020-04-14 14:18:49.993178302 +0200 +++ /var/tmp/diff_new_pack.uwiWcQ/_new 2020-04-14 14:18:49.993178302 +0200 @@ -1,10 +1,10 @@ -Index: wget-1.19.1/configure.ac +Index: wget-1.20/configure.ac =================================================================== ---- wget-1.19.1.orig/configure.ac -+++ wget-1.19.1/configure.ac -@@ -506,6 +506,22 @@ AS_IF([test x"$with_metalink" != xno], [ - ]) - ]) +--- wget-1.20.orig/configure.ac ++++ wget-1.20/configure.ac +@@ -493,6 +493,22 @@ else + fi + fi +dnl +dnl libproxy support @@ -25,11 +25,11 @@ dnl ********************************************************************** dnl Checks for IPv6 dnl ********************************************************************** -Index: wget-1.19.1/src/Makefile.am +Index: wget-1.20/src/Makefile.am =================================================================== ---- wget-1.19.1.orig/src/Makefile.am -+++ wget-1.19.1/src/Makefile.am -@@ -64,7 +64,7 @@ wget_SOURCES = connect.c convert.c cooki +--- wget-1.20.orig/src/Makefile.am ++++ wget-1.20/src/Makefile.am +@@ -62,7 +62,7 @@ wget_SOURCES = connect.c convert.c cooki nodist_wget_SOURCES = version.c EXTRA_wget_SOURCES = iri.c LDADD = $(LIBOBJS) ../lib/libgnu.a $(GETADDRINFO_LIB) $(HOSTENT_LIB)\ @@ -38,11 +38,11 @@ $(LIB_NANOSLEEP) $(LIB_POSIX_SPAWN) $(LIB_SELECT) $(LIBICONV) $(LIBINTL)\ $(LIBTHREAD) $(LIBUNISTRING) $(SERVENT_LIB) AM_CPPFLAGS = -I$(top_builddir)/lib -I$(top_srcdir)/lib -Index: wget-1.19.1/src/retr.c +Index: wget-1.20/src/retr.c =================================================================== ---- wget-1.19.1.orig/src/retr.c -+++ wget-1.19.1/src/retr.c -@@ -58,6 +58,10 @@ as that of the covered work. */ +--- wget-1.20.orig/src/retr.c ++++ wget-1.20/src/retr.c +@@ -61,6 +61,10 @@ as that of the covered work. */ #include "iri.h" #include "hsts.h" @@ -53,7 +53,7 @@ /* Total size of downloaded files. Used to enforce quota. */ SUM_SIZE_INT total_downloaded_bytes; -@@ -1319,7 +1323,40 @@ getproxy (struct url *u) +@@ -1480,7 +1484,40 @@ getproxy (struct url *u) break; } if (!proxy || !*proxy) @@ -94,11 +94,11 @@ /* Handle shorthands. `rewritten_storage' is a kludge to allow getproxy() to return static storage. */ -Index: wget-1.19.1/tests/Makefile.am +Index: wget-1.20/tests/Makefile.am =================================================================== ---- wget-1.19.1.orig/tests/Makefile.am -+++ wget-1.19.1/tests/Makefile.am -@@ -32,6 +32,7 @@ +--- wget-1.20.orig/tests/Makefile.am ++++ wget-1.20/tests/Makefile.am +@@ -30,6 +30,7 @@ # # Version: @VERSION@ # ++++++ wget.keyring ++++++ ++++ 2200 lines (skipped) ++++ between wget.keyring ++++ and /work/SRC/openSUSE:Leap:15.2/.wget.new.3248/wget.keyring ++++++ wgetrc.patch ++++++ --- /var/tmp/diff_new_pack.uwiWcQ/_old 2020-04-14 14:18:50.025178325 +0200 +++ /var/tmp/diff_new_pack.uwiWcQ/_new 2020-04-14 14:18:50.029178328 +0200 @@ -1,8 +1,8 @@ -Index: doc/sample.wgetrc +Index: wget-1.20/doc/sample.wgetrc =================================================================== ---- doc/sample.wgetrc.orig -+++ doc/sample.wgetrc -@@ -114,6 +114,9 @@ +--- wget-1.20.orig/doc/sample.wgetrc ++++ wget-1.20/doc/sample.wgetrc +@@ -120,6 +120,9 @@ # To try ipv6 addresses first: #prefer-family = IPv6
