commit wget for openSUSE:Factory
Hello community, here is the log from the commit of package wget for openSUSE:Factory checked in at 2020-03-29 14:25:46 Comparing /work/SRC/openSUSE:Factory/wget (Old) and /work/SRC/openSUSE:Factory/.wget.new.3160 (New) Package is "wget" Sun Mar 29 14:25:46 2020 rev:61 rq:789291 version:1.20.3 Changes: --- /work/SRC/openSUSE:Factory/wget/wget.changes2020-03-27 21:57:14.306790694 +0100 +++ /work/SRC/openSUSE:Factory/.wget.new.3160/wget.changes 2020-03-29 14:25:54.446104011 +0200 @@ -59 +59 @@ - [wget-ignore-void-retvalue.patch] + [bsc#1167919, wget-ignore-void-retvalue.patch] Other differences: --
commit wget for openSUSE:Factory
Hello community, here is the log from the commit of package wget for openSUSE:Factory checked in at 2020-03-27 21:56:36 Comparing /work/SRC/openSUSE:Factory/wget (Old) and /work/SRC/openSUSE:Factory/.wget.new.3160 (New) Package is "wget" Fri Mar 27 21:56:36 2020 rev:60 rq:789136 version:1.20.3 Changes: --- /work/SRC/openSUSE:Factory/wget/wget.changes2020-03-17 13:07:35.889681615 +0100 +++ /work/SRC/openSUSE:Factory/.wget.new.3160/wget.changes 2020-03-27 21:57:14.306790694 +0100 @@ -12 +12,2 @@ - [CVE-2019-5953] + * obsoletes patch wget-buffer-overflow-CVE-2019-5953.patch + [bsc#1131493, CVE-2019-5953] Other differences: --
commit wget for openSUSE:Factory
Hello community, here is the log from the commit of package wget for openSUSE:Factory checked in at 2020-03-17 13:07:29 Comparing /work/SRC/openSUSE:Factory/wget (Old) and /work/SRC/openSUSE:Factory/.wget.new.3160 (New) Package is "wget" Tue Mar 17 13:07:29 2020 rev:59 rq:784363 version:1.20.3 Changes: --- /work/SRC/openSUSE:Factory/wget/wget.changes2019-04-10 23:10:23.215918767 +0200 +++ /work/SRC/openSUSE:Factory/.wget.new.3160/wget.changes 2020-03-17 13:07:35.889681615 +0100 @@ -1,0 +2,6 @@ +Thu Mar 12 14:53:52 UTC 2020 - Paolo Stivanin + +- split lang files into separate lang package +- add remove-env-from-shebang.patch + +--- New: remove-env-from-shebang.patch Other differences: -- ++ wget.spec ++ --- /var/tmp/diff_new_pack.hXnW7p/_old 2020-03-17 13:07:37.617682942 +0100 +++ /var/tmp/diff_new_pack.hXnW7p/_new 2020-03-17 13:07:37.617682942 +0100 @@ -1,7 +1,7 @@ # # spec file for package wget # -# Copyright (c) 2019 SUSE LINUX GmbH, Nuernberg, Germany. +# Copyright (c) 2020 SUSE LLC # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed @@ -12,7 +12,7 @@ # license that conforms to the Open Source Definition (Version 1.9) # published by the Open Source Initiative. -# Please submit bugfixes or comments via http://bugs.opensuse.org/ +# Please submit bugfixes or comments via https://bugs.opensuse.org/ # @@ -23,7 +23,7 @@ Summary:A Tool for Mirroring FTP and HTTP Servers License:GPL-3.0-or-later Group: Productivity/Networking/Web/Utilities -Url:https://www.gnu.org/software/wget/ +URL:https://www.gnu.org/software/wget/ Source: https://ftp.gnu.org/gnu/wget/%{name}-%{version}.tar.gz Source1:https://ftp.gnu.org/gnu/wget/%{name}-%{version}.tar.gz.sig Source2: https://savannah.gnu.org/project/memberlist-gpgkeys.php?group=wget=1#/wget.keyring @@ -33,6 +33,7 @@ # PATCH-FIX-OPENSUSE fix pod syntax for perl 5.18 co...@suse.de Patch7: wget-fix-pod-syntax.diff Patch8: wget-errno-clobber.patch +Patch9: remove-env-from-shebang.patch BuildRequires: automake BuildRequires: gpgme-devel >= 0.4.2 BuildRequires: libcares-devel @@ -68,6 +69,8 @@ Wget enables you to retrieve WWW documents or FTP files from a server. This can be done in script files or via the command line. +%lang_package + %prep %setup -q %patch0 -p1 @@ -77,6 +80,7 @@ %patch6 %patch7 -p1 %patch8 -p1 +%patch9 -p1 %build %if 0%{?suse_version} > 1110 @@ -87,16 +91,17 @@ --with-ssl=openssl \ --with-cares \ --with-metalink -make %{?_smp_mflags} V=1 +%make_build +sed -i 's/\/usr\/bin\/env perl -w/\/usr\/bin\/perl -w/' util/rmold.pl %check %if %{with regression_tests} -make %{?_smp_mflags} -C tests/ check +%make_build -C tests/ check %endif %install %make_install -%find_lang %{name} +%find_lang %{name} %{?no_lang_C} %post %install_info --info-dir=%{_infodir} %{_infodir}/%{name}.info.gz @@ -104,7 +109,7 @@ %postun %install_info_delete --info-dir=%{_infodir} %{_infodir}/%{name}.info.gz -%files -f %{name}.lang +%files %license COPYING %doc AUTHORS NEWS README MAILING-LIST %doc doc/sample.wgetrc util/rmold.pl @@ -113,4 +118,6 @@ %config(noreplace) %{_sysconfdir}/wgetrc %{_bindir}/* +%files lang -f %{name}.lang + %changelog ++ remove-env-from-shebang.patch ++ --- a/util/rmold.pl.orig2020-03-12 16:35:43.520481987 +0100 +++ b/util/rmold.pl 2020-03-12 16:35:49.244490296 +0100 @@ -1,4 +1,4 @@ -#!/usr/bin/env perl -w +#!/usr/bin/perl -w # Copyright (C) 1995-1997, 2007-2011, 2015, 2018-2019 Free Software # Foundation, Inc.
commit wget for openSUSE:Factory
Hello community, here is the log from the commit of package wget for openSUSE:Factory checked in at 2019-04-10 23:10:21 Comparing /work/SRC/openSUSE:Factory/wget (Old) and /work/SRC/openSUSE:Factory/.wget.new.27019 (New) Package is "wget" Wed Apr 10 23:10:21 2019 rev:58 rq:692215 version:1.20.3 Changes: --- /work/SRC/openSUSE:Factory/wget/wget.changes2019-04-05 11:55:00.286260804 +0200 +++ /work/SRC/openSUSE:Factory/.wget.new.27019/wget.changes 2019-04-10 23:10:23.215918767 +0200 @@ -1,0 +2,7 @@ +Fri Apr 5 14:57:54 UTC 2019 - josef.moell...@suse.com + +- Upgrade to GNU wget 1.20.3: + * Finally fixed the buffer overflow vulnerability + [CVE-2019-5953] + +--- Old: wget-1.20.2.tar.gz wget-1.20.2.tar.gz.sig New: wget-1.20.3.tar.gz wget-1.20.3.tar.gz.sig Other differences: -- ++ wget.spec ++ --- /var/tmp/diff_new_pack.tItp52/_old 2019-04-10 23:10:24.195919880 +0200 +++ /var/tmp/diff_new_pack.tItp52/_new 2019-04-10 23:10:24.199919885 +0200 @@ -12,18 +12,18 @@ # license that conforms to the Open Source Definition (Version 1.9) # published by the Open Source Initiative. -# Please submit bugfixes or comments via https://bugs.opensuse.org/ +# Please submit bugfixes or comments via http://bugs.opensuse.org/ # %bcond_withregression_tests Name: wget -Version:1.20.2 +Version:1.20.3 Release:0 Summary:A Tool for Mirroring FTP and HTTP Servers License:GPL-3.0-or-later Group: Productivity/Networking/Web/Utilities -URL:https://www.gnu.org/software/wget/ +Url:https://www.gnu.org/software/wget/ Source: https://ftp.gnu.org/gnu/wget/%{name}-%{version}.tar.gz Source1:https://ftp.gnu.org/gnu/wget/%{name}-%{version}.tar.gz.sig Source2: https://savannah.gnu.org/project/memberlist-gpgkeys.php?group=wget=1#/wget.keyring ++ wget-1.20.2.tar.gz -> wget-1.20.3.tar.gz ++ 6614 lines of diff (skipped)
commit wget for openSUSE:Factory
Hello community, here is the log from the commit of package wget for openSUSE:Factory checked in at 2019-04-05 11:54:56 Comparing /work/SRC/openSUSE:Factory/wget (Old) and /work/SRC/openSUSE:Factory/.wget.new.3908 (New) Package is "wget" Fri Apr 5 11:54:56 2019 rev:57 rq:690864 version:1.20.2 Changes: --- /work/SRC/openSUSE:Factory/wget/wget.changes2019-02-04 21:17:10.975741686 +0100 +++ /work/SRC/openSUSE:Factory/.wget.new.3908/wget.changes 2019-04-05 11:55:00.286260804 +0200 @@ -1,0 +2,7 @@ +Wed Apr 03 05:07:33 UTC 2019 - sean...@opensuse.org + +- GNU wget 1.20.2: + * NTLM authentication will retry under certain cases + * Fixed a buffer overflow vulnerability + +--- Old: wget-1.20.1.tar.gz wget-1.20.1.tar.gz.sig New: wget-1.20.2.tar.gz wget-1.20.2.tar.gz.sig Other differences: -- ++ wget.spec ++ --- /var/tmp/diff_new_pack.GTmjli/_old 2019-04-05 11:55:02.102262268 +0200 +++ /var/tmp/diff_new_pack.GTmjli/_new 2019-04-05 11:55:02.118262281 +0200 @@ -18,7 +18,7 @@ %bcond_withregression_tests Name: wget -Version:1.20.1 +Version:1.20.2 Release:0 Summary:A Tool for Mirroring FTP and HTTP Servers License:GPL-3.0-or-later ++ wget-1.20.1.tar.gz -> wget-1.20.2.tar.gz ++ 53436 lines of diff (skipped)
commit wget for openSUSE:Factory
Hello community, here is the log from the commit of package wget for openSUSE:Factory checked in at 2019-02-04 21:17:09 Comparing /work/SRC/openSUSE:Factory/wget (Old) and /work/SRC/openSUSE:Factory/.wget.new.28833 (New) Package is "wget" Mon Feb 4 21:17:09 2019 rev:56 rq:665641 version:1.20.1 Changes: --- /work/SRC/openSUSE:Factory/wget/wget.changes2019-01-03 18:03:13.484321944 +0100 +++ /work/SRC/openSUSE:Factory/.wget.new.28833/wget.changes 2019-02-04 21:17:10.975741686 +0100 @@ -1,0 +2,6 @@ +Fri Jan 11 15:49:59 UTC 2019 - Martin Pluskal + +- Use pcre2 +- Make building more verbose + +--- Other differences: -- ++ wget.spec ++ --- /var/tmp/diff_new_pack.p611yq/_old 2019-02-04 21:17:11.655741431 +0100 +++ /var/tmp/diff_new_pack.p611yq/_new 2019-02-04 21:17:11.659741430 +0100 @@ -1,7 +1,7 @@ # # spec file for package wget # -# Copyright (c) 2018 SUSE LINUX GmbH, Nuernberg, Germany. +# Copyright (c) 2019 SUSE LINUX GmbH, Nuernberg, Germany. # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed @@ -46,7 +46,7 @@ %if %{?suse_version} > 1110 BuildRequires: pkgconfig BuildRequires: pkgconfig(libmetalink) -BuildRequires: pkgconfig(libpcre) +BuildRequires: pkgconfig(libpcre2-8) BuildRequires: pkgconfig(libpsl) BuildRequires: pkgconfig(uuid) %else @@ -87,7 +87,7 @@ --with-ssl=openssl \ --with-cares \ --with-metalink -make %{?_smp_mflags} +make %{?_smp_mflags} V=1 %check %if %{with regression_tests}
commit wget for openSUSE:Factory
Hello community, here is the log from the commit of package wget for openSUSE:Factory checked in at 2019-01-03 18:03:11 Comparing /work/SRC/openSUSE:Factory/wget (Old) and /work/SRC/openSUSE:Factory/.wget.new.28833 (New) Package is "wget" Thu Jan 3 18:03:11 2019 rev:55 rq:661870 version:1.20.1 Changes: --- /work/SRC/openSUSE:Factory/wget/wget.changes2018-12-10 12:25:18.958708055 +0100 +++ /work/SRC/openSUSE:Factory/.wget.new.28833/wget.changes 2019-01-03 18:03:13.484321944 +0100 @@ -1,0 +2,12 @@ +Fri Dec 28 20:51:04 UTC 2018 - astie...@suse.com + +- GNU wget 1.20.1: + * --xattr is no longer default since it introduces privacy issues + * --xattr saves the Referer as scheme/host/port, +user/pw/path/query/fragment are no longer saved to prevent +privacy issues + * --xattr saves the Original URL without user/password to prevent +privacy issues + * all of the above fix CVE-2018-20483 (bsc#1120382) + +--- Old: wget-1.20.tar.gz wget-1.20.tar.gz.sig New: wget-1.20.1.tar.gz wget-1.20.1.tar.gz.sig Other differences: -- ++ wget.spec ++ --- /var/tmp/diff_new_pack.eerVSy/_old 2019-01-03 18:03:14.056321435 +0100 +++ /var/tmp/diff_new_pack.eerVSy/_new 2019-01-03 18:03:14.060321432 +0100 @@ -12,18 +12,18 @@ # license that conforms to the Open Source Definition (Version 1.9) # published by the Open Source Initiative. -# Please submit bugfixes or comments via http://bugs.opensuse.org/ +# Please submit bugfixes or comments via https://bugs.opensuse.org/ # %bcond_withregression_tests Name: wget -Version:1.20 +Version:1.20.1 Release:0 Summary:A Tool for Mirroring FTP and HTTP Servers -License:GPL-3.0+ +License:GPL-3.0-or-later Group: Productivity/Networking/Web/Utilities -Url:https://www.gnu.org/software/wget/ +URL:https://www.gnu.org/software/wget/ Source: https://ftp.gnu.org/gnu/wget/%{name}-%{version}.tar.gz Source1:https://ftp.gnu.org/gnu/wget/%{name}-%{version}.tar.gz.sig Source2: https://savannah.gnu.org/project/memberlist-gpgkeys.php?group=wget=1#/wget.keyring @@ -105,7 +105,8 @@ %install_info_delete --info-dir=%{_infodir} %{_infodir}/%{name}.info.gz %files -f %{name}.lang -%doc AUTHORS COPYING NEWS README MAILING-LIST +%license COPYING +%doc AUTHORS NEWS README MAILING-LIST %doc doc/sample.wgetrc util/rmold.pl %{_mandir}/*/wget* %{_infodir}/wget* ++ wget-1.20.tar.gz -> wget-1.20.1.tar.gz ++ 7889 lines of diff (skipped) ++ wget.keyring ++ 2200 lines (skipped) between wget.keyring and /work/SRC/openSUSE:Factory/.wget.new.28833/wget.keyring
commit wget for openSUSE:Factory
Hello community, here is the log from the commit of package wget for openSUSE:Factory checked in at 2018-12-10 12:24:36 Comparing /work/SRC/openSUSE:Factory/wget (Old) and /work/SRC/openSUSE:Factory/.wget.new.19453 (New) Package is "wget" Mon Dec 10 12:24:36 2018 rev:54 rq:653225 version:1.20 Changes: --- /work/SRC/openSUSE:Factory/wget/wget.changes2018-05-11 09:13:32.544802721 +0200 +++ /work/SRC/openSUSE:Factory/.wget.new.19453/wget.changes 2018-12-10 12:25:18.958708055 +0100 @@ -1,0 +2,21 @@ +Fri Nov 30 14:02:43 UTC 2018 - josef.moell...@suse.com + +- Version update to 1.20: + * Add new option `--retry-on-host-error` to treat local errors as +transient and hence Wget will retry to download the file after +a brief waiting period. + * multiple potential resource leaks as found by static analysis. + * Wget will now not create an empty wget-log file when running +with -q and -b. switches together + * When compiled using the GnuTLS = 3.6.3, Wget now has support +for TLSv1.3. + * Now there is support for using libpcre2 for regex pattern +matching. + * When downloading over FTP recursively, one can now use the +--accept,reject -regex switches to fine-tune the downloaded +files. + * Building Wget from the git sources now requires autoconf 2.63 +or above. Building from the Tarballs works as it used to. + [wget-ignore-void-retvalue.patch] + +--- Old: wget-1.19.5.tar.gz wget-1.19.5.tar.gz.sig wget-ignore-void-retvalue.patch New: wget-1.20.tar.gz wget-1.20.tar.gz.sig Other differences: -- ++ wget.spec ++ --- /var/tmp/diff_new_pack.yriiTl/_old 2018-12-10 12:25:19.918707098 +0100 +++ /var/tmp/diff_new_pack.yriiTl/_new 2018-12-10 12:25:19.918707098 +0100 @@ -1,7 +1,7 @@ # # spec file for package wget # -# Copyright (c) 2018 SUSE LINUX Products GmbH, Nuernberg, Germany. +# Copyright (c) 2018 SUSE LINUX GmbH, Nuernberg, Germany. # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed @@ -18,7 +18,7 @@ %bcond_withregression_tests Name: wget -Version:1.19.5 +Version:1.20 Release:0 Summary:A Tool for Mirroring FTP and HTTP Servers License:GPL-3.0+ @@ -33,7 +33,6 @@ # PATCH-FIX-OPENSUSE fix pod syntax for perl 5.18 co...@suse.de Patch7: wget-fix-pod-syntax.diff Patch8: wget-errno-clobber.patch -Patch9: wget-ignore-void-retvalue.patch BuildRequires: automake BuildRequires: gpgme-devel >= 0.4.2 BuildRequires: libcares-devel @@ -71,14 +70,13 @@ %prep %setup -q -%patch0 +%patch0 -p1 %if 0%{?suse_version} > 1110 %patch1 -p1 %endif %patch6 %patch7 -p1 %patch8 -p1 -%patch9 -p1 %build %if 0%{?suse_version} > 1110 ++ wget-1.19.5.tar.gz -> wget-1.20.tar.gz ++ 173958 lines of diff (skipped) ++ wget-libproxy.patch ++ --- /var/tmp/diff_new_pack.yriiTl/_old 2018-12-10 12:25:20.718706300 +0100 +++ /var/tmp/diff_new_pack.yriiTl/_new 2018-12-10 12:25:20.718706300 +0100 @@ -1,10 +1,10 @@ -Index: wget-1.19.1/configure.ac +Index: wget-1.20/configure.ac === wget-1.19.1.orig/configure.ac -+++ wget-1.19.1/configure.ac -@@ -506,6 +506,22 @@ AS_IF([test x"$with_metalink" != xno], [ - ]) - ]) +--- wget-1.20.orig/configure.ac wget-1.20/configure.ac +@@ -493,6 +493,22 @@ else + fi + fi +dnl +dnl libproxy support @@ -25,11 +25,11 @@ dnl ** dnl Checks for IPv6 dnl ** -Index: wget-1.19.1/src/Makefile.am +Index: wget-1.20/src/Makefile.am === wget-1.19.1.orig/src/Makefile.am -+++ wget-1.19.1/src/Makefile.am -@@ -64,7 +64,7 @@ wget_SOURCES = connect.c convert.c cooki +--- wget-1.20.orig/src/Makefile.am wget-1.20/src/Makefile.am +@@ -62,7 +62,7 @@ wget_SOURCES = connect.c convert.c cooki nodist_wget_SOURCES = version.c EXTRA_wget_SOURCES = iri.c LDADD = $(LIBOBJS) ../lib/libgnu.a $(GETADDRINFO_LIB) $(HOSTENT_LIB)\ @@ -38,11 +38,11 @@ $(LIB_NANOSLEEP) $(LIB_POSIX_SPAWN) $(LIB_SELECT) $(LIBICONV) $(LIBINTL)\ $(LIBTHREAD) $(LIBUNISTRING) $(SERVENT_LIB) AM_CPPFLAGS = -I$(top_builddir)/lib -I$(top_srcdir)/lib -Index: wget-1.19.1/src/retr.c +Index: wget-1.20/src/retr.c === wget-1.19.1.orig/src/retr.c -+++ wget-1.19.1/src/retr.c -@@ -58,6 +58,10 @@ as that of
commit wget for openSUSE:Factory
Hello community, here is the log from the commit of package wget for openSUSE:Factory checked in at 2018-05-11 09:13:28 Comparing /work/SRC/openSUSE:Factory/wget (Old) and /work/SRC/openSUSE:Factory/.wget.new (New) Package is "wget" Fri May 11 09:13:28 2018 rev:53 rq:604725 version:1.19.5 Changes: --- /work/SRC/openSUSE:Factory/wget/wget.changes2018-02-19 12:58:51.470642984 +0100 +++ /work/SRC/openSUSE:Factory/.wget.new/wget.changes 2018-05-11 09:13:32.544802721 +0200 @@ -1,0 +2,14 @@ +Mon May 7 07:04:05 UTC 2018 - josef.moell...@suse.com + +- GNU wget 1.19.5: + * Fix cookie injection (CVE-2018-0494, bsc#1092061) + * Enable TLS1.3 with recent OpenSSL environment + * New option --ciphers to set GnuTLS / OpenSSL ciphers directly + * Updated CSS grammar to CSS 2.2 + * Fixed several memleaks found by OSS-Fuzz + * Fixed several buffer overflows found by OSS-Fuzz + * Fixed several integer overflows found by OSS-Fuzz + * Several minor bug fixes + [bsc#1092061, CVE-2018-0494, wget-ignore-void-retvalue.patch] + +--- Old: wget-1.19.4.tar.gz wget-1.19.4.tar.gz.sig New: wget-1.19.5.tar.gz wget-1.19.5.tar.gz.sig wget-ignore-void-retvalue.patch Other differences: -- ++ wget.spec ++ --- /var/tmp/diff_new_pack.aghHca/_old 2018-05-11 09:13:33.816756645 +0200 +++ /var/tmp/diff_new_pack.aghHca/_new 2018-05-11 09:13:33.816756645 +0200 @@ -18,7 +18,7 @@ %bcond_withregression_tests Name: wget -Version:1.19.4 +Version:1.19.5 Release:0 Summary:A Tool for Mirroring FTP and HTTP Servers License:GPL-3.0+ @@ -33,6 +33,7 @@ # PATCH-FIX-OPENSUSE fix pod syntax for perl 5.18 co...@suse.de Patch7: wget-fix-pod-syntax.diff Patch8: wget-errno-clobber.patch +Patch9: wget-ignore-void-retvalue.patch BuildRequires: automake BuildRequires: gpgme-devel >= 0.4.2 BuildRequires: libcares-devel @@ -77,6 +78,7 @@ %patch6 %patch7 -p1 %patch8 -p1 +%patch9 -p1 %build %if 0%{?suse_version} > 1110 ++ wget-1.19.4.tar.gz -> wget-1.19.5.tar.gz ++ 160495 lines of diff (skipped) ++ wget-ignore-void-retvalue.patch ++ Index: wget-1.19.5/src/host.c === --- wget-1.19.5.orig/src/host.c +++ wget-1.19.5/src/host.c @@ -732,7 +732,10 @@ wait_ares (ares_channel channel) ares_process (channel, _fds, _fds); } if (timer) -timer = ptimer_destroy (timer); + { +ptimer_destroy (timer); +timer = NULL; + } } static void ++ wget.keyring ++ 2200 lines (skipped) between /work/SRC/openSUSE:Factory/wget/wget.keyring and /work/SRC/openSUSE:Factory/.wget.new/wget.keyring
commit wget for openSUSE:Factory
Hello community, here is the log from the commit of package wget for openSUSE:Factory checked in at 2018-02-19 12:58:48 Comparing /work/SRC/openSUSE:Factory/wget (Old) and /work/SRC/openSUSE:Factory/.wget.new (New) Package is "wget" Mon Feb 19 12:58:48 2018 rev:52 rq:577644 version:1.19.4 Changes: --- /work/SRC/openSUSE:Factory/wget/wget.changes2018-01-26 13:34:38.646901434 +0100 +++ /work/SRC/openSUSE:Factory/.wget.new/wget.changes 2018-02-19 12:58:51.470642984 +0100 @@ -1,0 +2,6 @@ +Fri Feb 16 09:15:00 UTC 2018 - josef.moell...@suse.com + +- Original package had sources lzip compressed. Downloaded .gz + compressed file including signature file. + +--- Old: wget-1.19.4.tar.lz wget-1.19.4.tar.lz.sig New: wget-1.19.4.tar.gz wget-1.19.4.tar.gz.sig Other differences: -- ++ wget.spec ++ --- /var/tmp/diff_new_pack.NxBkOW/_old 2018-02-19 12:58:52.722597833 +0100 +++ /var/tmp/diff_new_pack.NxBkOW/_new 2018-02-19 12:58:52.722597833 +0100 @@ -1,7 +1,7 @@ # # spec file for package wget # -# Copyright (c) 2018 SUSE LINUX GmbH, Nuernberg, Germany. +# Copyright (c) 2018 SUSE LINUX Products GmbH, Nuernberg, Germany. # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed @@ -24,8 +24,8 @@ License:GPL-3.0+ Group: Productivity/Networking/Web/Utilities Url:https://www.gnu.org/software/wget/ -Source: https://ftp.gnu.org/gnu/wget/%{name}-%{version}.tar.lz -Source1:https://ftp.gnu.org/gnu/wget/%{name}-%{version}.tar.lz.sig +Source: https://ftp.gnu.org/gnu/wget/%{name}-%{version}.tar.gz +Source1:https://ftp.gnu.org/gnu/wget/%{name}-%{version}.tar.gz.sig Source2: https://savannah.gnu.org/project/memberlist-gpgkeys.php?group=wget=1#/wget.keyring Patch0: wgetrc.patch Patch1: wget-libproxy.patch @@ -38,7 +38,6 @@ BuildRequires: libcares-devel BuildRequires: libidn2-devel BuildRequires: libpng-devel -BuildRequires: lzip BuildRequires: makeinfo BuildRequires: openssl-devel BuildRequires: pkgconfig >= 0.9.0
commit wget for openSUSE:Factory
Hello community, here is the log from the commit of package wget for openSUSE:Factory checked in at 2018-01-26 13:34:37 Comparing /work/SRC/openSUSE:Factory/wget (Old) and /work/SRC/openSUSE:Factory/.wget.new (New) Package is "wget" Fri Jan 26 13:34:37 2018 rev:51 rq:568217 version:1.19.4 Changes: --- /work/SRC/openSUSE:Factory/wget/wget.changes2017-11-03 16:21:37.187265122 +0100 +++ /work/SRC/openSUSE:Factory/.wget.new/wget.changes 2018-01-26 13:34:38.646901434 +0100 @@ -1,0 +2,17 @@ +Mon Jan 22 04:36:59 UTC 2018 - avin...@opensuse.org + +- GNU wget 1.19.4: + * Support for Content-Encoding and Transfer-Encoding have been +marked as experimental and disabled by default +- includes 1.19.3: + * Prevent erroneous decompression of .gz and .tgz files with +broken servers + * Added support for HTTP 308 Permanent Redirect response + * Fix segfault in some cases where the Content-Type header is +not sent + * Support OpenSSL 1.1 builds without using deprecated features + * Several minor bug fixes +- switch to lz release (smaller) +- cleanup with spec-cleaner + +--- Old: wget-1.19.2.tar.gz wget-1.19.2.tar.gz.sig New: wget-1.19.4.tar.lz wget-1.19.4.tar.lz.sig Other differences: -- ++ wget.spec ++ --- /var/tmp/diff_new_pack.qYrdlY/_old 2018-01-26 13:34:39.558858838 +0100 +++ /var/tmp/diff_new_pack.qYrdlY/_new 2018-01-26 13:34:39.562858652 +0100 @@ -1,7 +1,7 @@ # # spec file for package wget # -# Copyright (c) 2017 SUSE LINUX GmbH, Nuernberg, Germany. +# Copyright (c) 2018 SUSE LINUX GmbH, Nuernberg, Germany. # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed @@ -18,14 +18,14 @@ %bcond_withregression_tests Name: wget -Version:1.19.2 +Version:1.19.4 Release:0 Summary:A Tool for Mirroring FTP and HTTP Servers License:GPL-3.0+ Group: Productivity/Networking/Web/Utilities Url:https://www.gnu.org/software/wget/ -Source: https://ftp.gnu.org/gnu/wget/%{name}-%{version}.tar.gz -Source1:https://ftp.gnu.org/gnu/wget/%{name}-%{version}.tar.gz.sig +Source: https://ftp.gnu.org/gnu/wget/%{name}-%{version}.tar.lz +Source1:https://ftp.gnu.org/gnu/wget/%{name}-%{version}.tar.lz.sig Source2: https://savannah.gnu.org/project/memberlist-gpgkeys.php?group=wget=1#/wget.keyring Patch0: wgetrc.patch Patch1: wget-libproxy.patch @@ -38,15 +38,14 @@ BuildRequires: libcares-devel BuildRequires: libidn2-devel BuildRequires: libpng-devel +BuildRequires: lzip BuildRequires: makeinfo BuildRequires: openssl-devel -BuildRequires: pkg-config >= 0.9.0 -BuildRequires: xz +BuildRequires: pkgconfig >= 0.9.0 # FIXME: use proper Requires(pre/post/preun/...) PreReq: %{install_info_prereq} -BuildRoot: %{_tmppath}/%{name}-%{version}-build %if %{?suse_version} > 1110 -BuildRequires: pkg-config +BuildRequires: pkgconfig BuildRequires: pkgconfig(libmetalink) BuildRequires: pkgconfig(libpcre) BuildRequires: pkgconfig(libpsl) @@ -97,7 +96,7 @@ %endif %install -make %{?_smp_mflags} DESTDIR=%{buildroot} install +%make_install %find_lang %{name} %post @@ -107,7 +106,6 @@ %install_info_delete --info-dir=%{_infodir} %{_infodir}/%{name}.info.gz %files -f %{name}.lang -%defattr(-,root,root) %doc AUTHORS COPYING NEWS README MAILING-LIST %doc doc/sample.wgetrc util/rmold.pl %{_mandir}/*/wget* ++ wget.keyring ++ 879 lines (skipped) between /work/SRC/openSUSE:Factory/wget/wget.keyring and /work/SRC/openSUSE:Factory/.wget.new/wget.keyring
commit wget for openSUSE:Factory
Hello community, here is the log from the commit of package wget for openSUSE:Factory checked in at 2017-11-03 16:21:23 Comparing /work/SRC/openSUSE:Factory/wget (Old) and /work/SRC/openSUSE:Factory/.wget.new (New) Package is "wget" Fri Nov 3 16:21:23 2017 rev:50 rq:537227 version:1.19.2 Changes: --- /work/SRC/openSUSE:Factory/wget/wget.changes2017-10-25 18:00:51.813841269 +0200 +++ /work/SRC/openSUSE:Factory/.wget.new/wget.changes 2017-11-03 16:21:37.187265122 +0100 @@ -1,0 +2,19 @@ +Fri Oct 27 16:05:55 UTC 2017 - astie...@suse.com + +- GNU wget 1.19.2: + * CVE-2017-13089: Stack overflow in HTTP protocol handling (bsc#1064715) + * CVE-2017-13090: Heap overflow in HTTP protocol handling (bsc#1064716) + * New option --compression for gzip Content-Encoding + * New option --[no]-netrc to control .netrc parsing + * Added GNU extensions to .netrc parsing + * Improved IDNA 2003 compatibility + * Fix VPATH issues + * Improved and extended the test suite + * Support Wayback Machine's X-Archive-Orig-last-modified + * Several bug fixes +- drop upstreamed patches: + * wget-CVE-2017-6508.patch + * wget-416-but-file-not-complete.patch +- unfuzz wget-errno-clobber.patch + +--- Old: wget-1.19.1.tar.xz wget-1.19.1.tar.xz.sig wget-416-but-file-not-complete.patch wget-CVE-2017-6508.patch New: wget-1.19.2.tar.gz wget-1.19.2.tar.gz.sig Other differences: -- ++ wget.spec ++ --- /var/tmp/diff_new_pack.lu8i3X/_old 2017-11-03 16:21:38.275225525 +0100 +++ /var/tmp/diff_new_pack.lu8i3X/_new 2017-11-03 16:21:38.279225380 +0100 @@ -1,7 +1,7 @@ # # spec file for package wget # -# Copyright (c) 2017 SUSE LINUX Products GmbH, Nuernberg, Germany. +# Copyright (c) 2017 SUSE LINUX GmbH, Nuernberg, Germany. # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed @@ -18,14 +18,14 @@ %bcond_withregression_tests Name: wget -Version:1.19.1 +Version:1.19.2 Release:0 Summary:A Tool for Mirroring FTP and HTTP Servers License:GPL-3.0+ Group: Productivity/Networking/Web/Utilities Url:https://www.gnu.org/software/wget/ -Source: https://ftp.gnu.org/gnu/wget/%{name}-%{version}.tar.xz -Source1:https://ftp.gnu.org/gnu/wget/%{name}-%{version}.tar.xz.sig +Source: https://ftp.gnu.org/gnu/wget/%{name}-%{version}.tar.gz +Source1:https://ftp.gnu.org/gnu/wget/%{name}-%{version}.tar.gz.sig Source2: https://savannah.gnu.org/project/memberlist-gpgkeys.php?group=wget=1#/wget.keyring Patch0: wgetrc.patch Patch1: wget-libproxy.patch @@ -33,8 +33,6 @@ # PATCH-FIX-OPENSUSE fix pod syntax for perl 5.18 co...@suse.de Patch7: wget-fix-pod-syntax.diff Patch8: wget-errno-clobber.patch -Patch9: wget-CVE-2017-6508.patch -Patch10:wget-416-but-file-not-complete.patch BuildRequires: automake BuildRequires: gpgme-devel >= 0.4.2 BuildRequires: libcares-devel @@ -81,8 +79,6 @@ %patch6 %patch7 -p1 %patch8 -p1 -%patch9 -p1 -%patch10 -p1 %build %if 0%{?suse_version} > 1110 ++ wget-errno-clobber.patch ++ --- /var/tmp/diff_new_pack.lu8i3X/_old 2017-11-03 16:21:38.315224070 +0100 +++ /var/tmp/diff_new_pack.lu8i3X/_new 2017-11-03 16:21:38.319223924 +0100 @@ -1,8 +1,8 @@ -Index: wget-1.18/src/http.c +Index: wget-1.19.2/src/http.c === wget-1.18.orig/src/http.c -+++ wget-1.18/src/http.c -@@ -1516,6 +1516,7 @@ persistent_available_p (const char *host +--- wget-1.19.2.orig/src/http.c2017-10-26 17:30:08.0 +0200 wget-1.19.2/src/http.c 2017-10-27 17:59:48.659093393 +0200 +@@ -1524,6 +1524,7 @@ persistent_available_p (const char *host active, registered connection". */ #define CLOSE_FINISH(fd) do { \ @@ -10,7 +10,7 @@ if (!keep_alive) \ { \ if (pconn_active && (fd) == pconn.socket) \ -@@ -1524,14 +1525,17 @@ persistent_available_p (const char *host +@@ -1532,14 +1533,17 @@ persistent_available_p (const char *host fd_close (fd);\ fd = -1; \ } \ @@ -27,4 +27,4 @@ + errno = errno_sav;\ } while (0) - struct http_stat + typedef enum ++ wget.keyring ++ Binary files /var/tmp/diff_new_pack.lu8i3X/_old and /var/tmp/diff_new_pack.lu8i3X/_new differ
commit wget for openSUSE:Factory
Hello community, here is the log from the commit of package wget for openSUSE:Factory checked in at 2017-10-25 18:00:50 Comparing /work/SRC/openSUSE:Factory/wget (Old) and /work/SRC/openSUSE:Factory/.wget.new (New) Package is "wget" Wed Oct 25 18:00:50 2017 rev:49 rq: version:1.19.1 Changes: --- /work/SRC/openSUSE:Factory/wget/wget.changes2017-10-25 17:44:49.475009202 +0200 +++ /work/SRC/openSUSE:Factory/.wget.new/wget.changes 2017-10-25 18:00:51.813841269 +0200 @@ -2,9 +1,0 @@ -Tue Oct 24 07:07:32 UTC 2017 - josef.moell...@suse.com - -- Fixed two stack overflow vulnerabilities if a chunksize is - negative. - [bsc#1064715,wget-stack-overflow-on-negative-chunksize-CVE-2017-13089.patch, - bsc#1064716,wget-stack-overflow-on-negative-chunksize-CVE-2017-13090.patch, - CVE-2017-13089,CVE-2017-13090] - Old: wget-stack-overflow-on-negative-chunksize-CVE-2017-13089.patch wget-stack-overflow-on-negative-chunksize-CVE-2017-13090.patch Other differences: -- ++ wget.spec ++ --- /var/tmp/diff_new_pack.m2Rtr5/_old 2017-10-25 18:00:52.457811043 +0200 +++ /var/tmp/diff_new_pack.m2Rtr5/_new 2017-10-25 18:00:52.461810855 +0200 @@ -35,8 +35,6 @@ Patch8: wget-errno-clobber.patch Patch9: wget-CVE-2017-6508.patch Patch10:wget-416-but-file-not-complete.patch -Patch11:wget-stack-overflow-on-negative-chunksize-CVE-2017-13089.patch -Patch12:wget-stack-overflow-on-negative-chunksize-CVE-2017-13090.patch BuildRequires: automake BuildRequires: gpgme-devel >= 0.4.2 BuildRequires: libcares-devel @@ -85,8 +83,6 @@ %patch8 -p1 %patch9 -p1 %patch10 -p1 -%patch11 -p1 -%patch12 -p1 %build %if 0%{?suse_version} > 1110
commit wget for openSUSE:Factory
Hello community, here is the log from the commit of package wget for openSUSE:Factory checked in at 2017-10-25 17:44:47 Comparing /work/SRC/openSUSE:Factory/wget (Old) and /work/SRC/openSUSE:Factory/.wget.new (New) Package is "wget" Wed Oct 25 17:44:47 2017 rev:48 rq:536254 version:1.19.1 Changes: --- /work/SRC/openSUSE:Factory/wget/wget.changes2017-09-25 13:54:20.293703921 +0200 +++ /work/SRC/openSUSE:Factory/.wget.new/wget.changes 2017-10-25 17:44:49.475009202 +0200 @@ -1,0 +2,9 @@ +Tue Oct 24 07:07:32 UTC 2017 - josef.moell...@suse.com + +- Fixed two stack overflow vulnerabilities if a chunksize is + negative. + [bsc#1064715,wget-stack-overflow-on-negative-chunksize-CVE-2017-13089.patch, + bsc#1064716,wget-stack-overflow-on-negative-chunksize-CVE-2017-13090.patch, + CVE-2017-13089,CVE-2017-13090] + +--- New: wget-stack-overflow-on-negative-chunksize-CVE-2017-13089.patch wget-stack-overflow-on-negative-chunksize-CVE-2017-13090.patch Other differences: -- ++ wget.spec ++ --- /var/tmp/diff_new_pack.vGvqzn/_old 2017-10-25 17:44:50.310969967 +0200 +++ /var/tmp/diff_new_pack.vGvqzn/_new 2017-10-25 17:44:50.310969967 +0200 @@ -35,6 +35,8 @@ Patch8: wget-errno-clobber.patch Patch9: wget-CVE-2017-6508.patch Patch10:wget-416-but-file-not-complete.patch +Patch11:wget-stack-overflow-on-negative-chunksize-CVE-2017-13089.patch +Patch12:wget-stack-overflow-on-negative-chunksize-CVE-2017-13090.patch BuildRequires: automake BuildRequires: gpgme-devel >= 0.4.2 BuildRequires: libcares-devel @@ -83,6 +85,8 @@ %patch8 -p1 %patch9 -p1 %patch10 -p1 +%patch11 -p1 +%patch12 -p1 %build %if 0%{?suse_version} > 1110 ++ wget-stack-overflow-on-negative-chunksize-CVE-2017-13089.patch ++ >From 3dbc2e06ad487862c2fcc64d4891ff8aeb254bad Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Tim=20R=C3=BChsen?=Date: Fri, 20 Oct 2017 10:59:38 +0200 Subject: [PATCH 1/2] Fix stack overflow in HTTP protocol handling (CVE-2017-13089) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit * src/http.c (skip_short_body): Return error on negative chunk size Reported-by: Antti Levomäki, Christian Jalio, Joonas Pihlaja from Forcepoint Reported-by: Juhani Eronen from Finnish National Cyber Security Centre --- src/http.c | 3 +++ 1 file changed, 3 insertions(+) diff --git a/src/http.c b/src/http.c index 55367688..dc318231 100644 --- a/src/http.c +++ b/src/http.c @@ -973,6 +973,9 @@ skip_short_body (int fd, wgint contlen, bool chunked) remaining_chunk_size = strtol (line, , 16); xfree (line); + if (remaining_chunk_size < 0) +return false; + if (remaining_chunk_size == 0) { line = fd_read_line (fd); ++ wget-stack-overflow-on-negative-chunksize-CVE-2017-13090.patch ++ >From 28925c37b72867c0819799c6f35caf9439080f83 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Tim=20R=C3=BChsen?= Date: Fri, 20 Oct 2017 15:15:47 +0200 Subject: [PATCH 2/2] Fix heap overflow in HTTP protocol handling (CVE-2017-13090) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit * src/retr.c (fd_read_body): Stop processing on negative chunk size Reported-by: Antti Levomäki, Christian Jalio, Joonas Pihlaja from Forcepoint Reported-by: Juhani Eronen from Finnish National Cyber Security Centre --- src/retr.c | 6 ++ 1 file changed, 6 insertions(+) diff --git a/src/retr.c b/src/retr.c index a27d58af..723ac725 100644 --- a/src/retr.c +++ b/src/retr.c @@ -378,6 +378,12 @@ fd_read_body (const char *downloaded_filename, int fd, FILE *out, wgint toread, remaining_chunk_size = strtol (line, , 16); xfree (line); + if (remaining_chunk_size < 0) +{ + ret = -1; + break; +} + if (remaining_chunk_size == 0) { ret = 0;
commit wget for openSUSE:Factory
Hello community, here is the log from the commit of package wget for openSUSE:Factory checked in at 2017-09-25 13:54:16 Comparing /work/SRC/openSUSE:Factory/wget (Old) and /work/SRC/openSUSE:Factory/.wget.new (New) Package is "wget" Mon Sep 25 13:54:16 2017 rev:47 rq:527657 version:1.19.1 Changes: --- /work/SRC/openSUSE:Factory/wget/wget.changes2017-03-10 21:44:34.257212285 +0100 +++ /work/SRC/openSUSE:Factory/.wget.new/wget.changes 2017-09-25 13:54:20.293703921 +0200 @@ -1,0 +2,7 @@ +Thu Sep 21 06:45:00 UTC 2017 - josef.moell...@suse.com + +- Retry http GET when server responds with "416 Requested Range + Not Satisfiable" but file is not complete. + [boo#1058204, wget-416-but-file-not-complete.patch] + +--- New: wget-416-but-file-not-complete.patch Other differences: -- ++ wget.spec ++ --- /var/tmp/diff_new_pack.ki6TCb/_old 2017-09-25 13:54:22.185437759 +0200 +++ /var/tmp/diff_new_pack.ki6TCb/_new 2017-09-25 13:54:22.185437759 +0200 @@ -34,6 +34,7 @@ Patch7: wget-fix-pod-syntax.diff Patch8: wget-errno-clobber.patch Patch9: wget-CVE-2017-6508.patch +Patch10:wget-416-but-file-not-complete.patch BuildRequires: automake BuildRequires: gpgme-devel >= 0.4.2 BuildRequires: libcares-devel @@ -81,6 +82,7 @@ %patch7 -p1 %patch8 -p1 %patch9 -p1 +%patch10 -p1 %build %if 0%{?suse_version} > 1110 ++ wget-416-but-file-not-complete.patch ++ Index: wget-1.19.1/src/http.c === --- wget-1.19.1.orig/src/http.c +++ wget-1.19.1/src/http.c @@ -3819,6 +3819,16 @@ gethttp (const struct url *u, struct url } if (statcode == HTTP_STATUS_RANGE_NOT_SATISFIABLE + && hs->restval < (contlen + contrange)) +{ + /* The file was not completely downloaded, + yet the server claims the range is invalid. + Bail out. */ + CLOSE_INVALIDATE (sock); + retval = RANGEERR; + goto cleanup; +} + if (statcode == HTTP_STATUS_RANGE_NOT_SATISFIABLE || (!opt.timestamping && hs->restval > 0 && statcode == HTTP_STATUS_OK && contrange == 0 && contlen >= 0 && hs->restval >= contlen)) {
commit wget for openSUSE:Factory
Hello community, here is the log from the commit of package wget for openSUSE:Factory checked in at 2017-03-10 21:44:33 Comparing /work/SRC/openSUSE:Factory/wget (Old) and /work/SRC/openSUSE:Factory/.wget.new (New) Package is "wget" Fri Mar 10 21:44:33 2017 rev:46 rq:477531 version:1.19.1 Changes: --- /work/SRC/openSUSE:Factory/wget/wget.changes2017-02-20 14:29:44.305321418 +0100 +++ /work/SRC/openSUSE:Factory/.wget.new/wget.changes 2017-03-10 21:44:34.257212285 +0100 @@ -1,0 +2,7 @@ +Tue Mar 7 13:40:10 UTC 2017 - josef.moell...@suse.com + +- src/url.c (url_parse): Reject control characters in host part + of URL + (CVE-2017-6508, wget-CVE-2017-6508.patch, bsc#1028301) + +--- New: wget-CVE-2017-6508.patch Other differences: -- ++ wget.spec ++ --- /var/tmp/diff_new_pack.HUvr0T/_old 2017-03-10 21:44:35.145086351 +0100 +++ /var/tmp/diff_new_pack.HUvr0T/_new 2017-03-10 21:44:35.153085218 +0100 @@ -33,6 +33,7 @@ # PATCH-FIX-OPENSUSE fix pod syntax for perl 5.18 co...@suse.de Patch7: wget-fix-pod-syntax.diff Patch8: wget-errno-clobber.patch +Patch9: wget-CVE-2017-6508.patch BuildRequires: automake BuildRequires: gpgme-devel >= 0.4.2 BuildRequires: libcares-devel @@ -79,6 +80,7 @@ %patch6 %patch7 -p1 %patch8 -p1 +%patch9 -p1 %build %if 0%{?suse_version} > 1110 ++ wget-CVE-2017-6508.patch ++ diff --git a/src/url.c b/src/url.c index 8f8ff0b..7d36b27 100644 --- a/src/url.c +++ b/src/url.c @@ -925,6 +925,17 @@ url_parse (const char *url, int *error, struct iri *iri, bool percent_encode) url_unescape (u->host); host_modified = true; + /* check for invalid control characters in host name */ + for (p = u->host; *p; p++) +{ + if (c_iscntrl(*p)) +{ + url_free(u); + error_code = PE_INVALID_HOST_NAME; + goto error; +} +} + /* Apply IDNA regardless of iri->utf8_encode status */ if (opt.enable_iri && iri) {
commit wget for openSUSE:Factory
Hello community, here is the log from the commit of package wget for openSUSE:Factory checked in at 2017-02-20 14:29:42 Comparing /work/SRC/openSUSE:Factory/wget (Old) and /work/SRC/openSUSE:Factory/.wget.new (New) Package is "wget" Changes: --- /work/SRC/openSUSE:Factory/wget/wget.changes2017-02-08 10:51:25.759459113 +0100 +++ /work/SRC/openSUSE:Factory/.wget.new/wget.changes 2017-02-20 14:29:44.305321418 +0100 @@ -1,0 +2,12 @@ +Thu Feb 16 11:20:07 UTC 2017 - josef.moell...@suse.com + +- Update to wget-1.19.1, mainly bug fixes + * Add support for --retry-on-http-error + * tests/WgetTests.pm: Add --no-config to wget invocation + * Fix regression in .netrc auth in src/http.c + * Fix memory leak in src/iri.c + * Remove skipping libunistring with --disable-iri + * bootstrap.conf: Add gnulib module wcwidth + * Fix include/define clash with gnulib's unlink module + +--- Old: wget-1.19.tar.xz wget-1.19.tar.xz.sig New: wget-1.19.1.tar.xz wget-1.19.1.tar.xz.sig Other differences: -- ++ wget.spec ++ --- /var/tmp/diff_new_pack.rKfPKx/_old 2017-02-20 14:29:45.873100192 +0100 +++ /var/tmp/diff_new_pack.rKfPKx/_new 2017-02-20 14:29:45.881099063 +0100 @@ -1,7 +1,7 @@ # # spec file for package wget # -# Copyright (c) 2017 SUSE LINUX GmbH, Nuernberg, Germany. +# Copyright (c) 2017 SUSE LINUX Products GmbH, Nuernberg, Germany. # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed @@ -18,7 +18,7 @@ %bcond_withregression_tests Name: wget -Version:1.19 +Version:1.19.1 Release:0 Summary:A Tool for Mirroring FTP and HTTP Servers License:GPL-3.0+ ++ wget-1.19.tar.xz -> wget-1.19.1.tar.xz ++ 91518 lines of diff (skipped) ++ wget-libproxy.patch ++ --- /var/tmp/diff_new_pack.rKfPKx/_old 2017-02-20 14:29:47.144920727 +0100 +++ /var/tmp/diff_new_pack.rKfPKx/_new 2017-02-20 14:29:47.144920727 +0100 @@ -1,7 +1,7 @@ -Index: wget-1.19/configure.ac +Index: wget-1.19.1/configure.ac === wget-1.19.orig/configure.ac -+++ wget-1.19/configure.ac +--- wget-1.19.1.orig/configure.ac wget-1.19.1/configure.ac @@ -506,6 +506,22 @@ AS_IF([test x"$with_metalink" != xno], [ ]) ]) @@ -25,23 +25,23 @@ dnl ** dnl Checks for IPv6 dnl ** -Index: wget-1.19/src/Makefile.am +Index: wget-1.19.1/src/Makefile.am === wget-1.19.orig/src/Makefile.am -+++ wget-1.19/src/Makefile.am +--- wget-1.19.1.orig/src/Makefile.am wget-1.19.1/src/Makefile.am @@ -64,7 +64,7 @@ wget_SOURCES = connect.c convert.c cooki nodist_wget_SOURCES = version.c EXTRA_wget_SOURCES = iri.c LDADD = $(LIBOBJS) ../lib/libgnu.a $(GETADDRINFO_LIB) $(HOSTENT_LIB)\ - $(INET_NTOP_LIB) $(LIBSOCKET) $(LIB_CLOCK_GETTIME) $(LIB_CRYPTO)\ + $(INET_NTOP_LIB) $(LIBSOCKET) $(libproxy_LIBS) $(LIB_CLOCK_GETTIME) $(LIB_CRYPTO)\ - $(LIB_NANOSLEEP) $(LIB_POSIX_SPAWN) $(LIB_SELECT) $(LTLIBICONV) $(LTLIBINTL)\ - $(LTLIBTHREAD) $(LTLIBUNISTRING) $(SERVENT_LIB) + $(LIB_NANOSLEEP) $(LIB_POSIX_SPAWN) $(LIB_SELECT) $(LIBICONV) $(LIBINTL)\ + $(LIBTHREAD) $(LIBUNISTRING) $(SERVENT_LIB) AM_CPPFLAGS = -I$(top_builddir)/lib -I$(top_srcdir)/lib -Index: wget-1.19/src/retr.c +Index: wget-1.19.1/src/retr.c === wget-1.19.orig/src/retr.c -+++ wget-1.19/src/retr.c +--- wget-1.19.1.orig/src/retr.c wget-1.19.1/src/retr.c @@ -58,6 +58,10 @@ as that of the covered work. */ #include "iri.h" #include "hsts.h" @@ -59,12 +59,12 @@ if (!proxy || !*proxy) +#ifdef HAVE_LIBPROXY + { -+ pxProxyFactory *pf = px_proxy_factory_new(); -+ if (!pf) -+ { -+ debug_logprintf (_("Allocating memory for libproxy failed")); -+ return NULL; -+ } ++ pxProxyFactory *pf = px_proxy_factory_new(); ++ if (!pf) ++ { ++ debug_logprintf (_("Allocating memory for libproxy failed")); ++ return NULL; ++ } + int i; + char direct[] = "direct://"; + @@ -72,21 +72,21 @@ + char **proxies = px_proxy_factory_get_proxies(pf, u->url); + if (proxies[0]) + { -+ char *check = NULL; -+ asprintf( , "%s", proxies[0]); -+ debug_logprintf (_("libproxy suggest to use '%s'\n"), check); -+
commit wget for openSUSE:Factory
Hello community, here is the log from the commit of package wget for openSUSE:Factory checked in at 2017-02-08 10:51:24 Comparing /work/SRC/openSUSE:Factory/wget (Old) and /work/SRC/openSUSE:Factory/.wget.new (New) Package is "wget" Changes: --- /work/SRC/openSUSE:Factory/wget/wget.changes2016-08-03 11:38:44.0 +0200 +++ /work/SRC/openSUSE:Factory/.wget.new/wget.changes 2017-02-08 10:51:25.759459113 +0100 @@ -1,0 +2,42 @@ +Sat Feb 4 20:32:08 UTC 2017 - astie...@suse.com + +- build with libidn2 to actually support IDNA2008 - FATE#321897 + +--- +Fri Feb 3 14:37:20 UTC 2017 - josef.moell...@suse.com + +- Update to wget-1.19: + * New option --use-askpass=COMMAND. Fetch user/password by calling +an external program. + * Use IDNA2008 (+ TR46 if available) through libidn2 + * When processing a Metalink header, --metalink-index= allows +to process the header's application/metalink4+xml files. + * When processing a Metalink file, --trust-server-names enables the +use of the destination file names specified in the Metalink file, +otherwise a safe destination file name is computed. + * When processing a Metalink file, enforce a safe destination path. +Remove any drive letter prefix under w32, i.e. 'C:D:file'. Call +libmetalink's metalink_check_safe_path() to prevent absolute, +relative, or home paths: +https://tools.ietf.org/html/rfc5854#section-4.1.2.1 +https://tools.ietf.org/html/rfc5854#section-4.2.8.3 + * When processing a Metalink file, --directory-prefix= sets +the top of the retrieval tree to prefix for Metalink downloads. + * When processing a Metalink file, reject downloaded files which don't +agree with their own metalink:size value: +https://tools.ietf.org/html/rfc5854#section-4.2.16 + * When processing a Metalink file, with --continue resume partially +downloaded files and keep fully downloaded files even if they fail +the verification. + * When processing a Metalink file, create the parent directories of a +"path/file" destination file name: +https://tools.ietf.org/html/rfc5854#section-4.1.2.1 +https://tools.ietf.org/html/rfc5854#section-4.2.8.3 + * On a recursive download, append a .tmp suffix to temporary files +that will be deleted after being parsed, and create them +readable/writable only by the owner. + * New make target 'check-valgrind' + * Fix several bugs + * Fix compatibility issues + +--- Old: wget-1.18.tar.xz wget-1.18.tar.xz.sig New: wget-1.19.tar.xz wget-1.19.tar.xz.sig Other differences: -- ++ wget.spec ++ --- /var/tmp/diff_new_pack.1nwpGT/_old 2017-02-08 10:51:26.715325896 +0100 +++ /var/tmp/diff_new_pack.1nwpGT/_new 2017-02-08 10:51:26.719325338 +0100 @@ -1,7 +1,7 @@ # # spec file for package wget # -# Copyright (c) 2016 SUSE LINUX GmbH, Nuernberg, Germany. +# Copyright (c) 2017 SUSE LINUX GmbH, Nuernberg, Germany. # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed @@ -18,7 +18,7 @@ %bcond_withregression_tests Name: wget -Version:1.18 +Version:1.19 Release:0 Summary:A Tool for Mirroring FTP and HTTP Servers License:GPL-3.0+ @@ -36,7 +36,7 @@ BuildRequires: automake BuildRequires: gpgme-devel >= 0.4.2 BuildRequires: libcares-devel -BuildRequires: libidn-devel +BuildRequires: libidn2-devel BuildRequires: libpng-devel BuildRequires: makeinfo BuildRequires: openssl-devel ++ wget-1.18.tar.xz -> wget-1.19.tar.xz ++ 215029 lines of diff (skipped) ++ wget-libproxy.patch ++ --- /var/tmp/diff_new_pack.1nwpGT/_old 2017-02-08 10:51:27.763179858 +0100 +++ /var/tmp/diff_new_pack.1nwpGT/_new 2017-02-08 10:51:27.763179858 +0100 @@ -1,15 +1,8 @@ - configure.ac | 16 - src/Makefile.am |2 +- - src/retr.c| 37 + - tests/Makefile.am |1 + - 4 files changed, 55 insertions(+), 1 deletion(-) - -Index: wget-1.17/configure.ac +Index: wget-1.19/configure.ac === wget-1.17.orig/configure.ac -+++ wget-1.17/configure.ac -@@ -507,6 +507,22 @@ AS_IF([test x"$with_metalink" != xno], [ +--- wget-1.19.orig/configure.ac wget-1.19/configure.ac +@@ -506,6 +506,22 @@ AS_IF([test x"$with_metalink" != xno], [ ]) ]) @@ -32,23 +25,23 @@ dnl ** dnl Checks for IPv6 dnl
commit wget for openSUSE:Factory
Hello community, here is the log from the commit of package wget for openSUSE:Factory checked in at 2016-08-03 11:38:43 Comparing /work/SRC/openSUSE:Factory/wget (Old) and /work/SRC/openSUSE:Factory/.wget.new (New) Package is "wget" Changes: --- /work/SRC/openSUSE:Factory/wget/wget.changes2016-06-13 21:52:18.0 +0200 +++ /work/SRC/openSUSE:Factory/.wget.new/wget.changes 2016-08-03 11:38:44.0 +0200 @@ -1,0 +2,13 @@ +Thu Jul 28 15:37:37 UTC 2016 - josef.moell...@suse.com + +- Save/restore errno within CLOSE_FINISH and CLOSE_INVALIDATE. + (wget-errno-clobber.patch, boo#983660) + +--- +Fri Jul 22 12:34:02 UTC 2016 - dims...@opensuse.org + +- Update wget-libproxy.patch: use libproxy's px_proxy_factory_free + instead of regular free in order to ensure the module destructors + are correctly running (boo#967601). + +--- New: wget-errno-clobber.patch Other differences: -- ++ wget.spec ++ --- /var/tmp/diff_new_pack.alabR5/_old 2016-08-03 11:38:45.0 +0200 +++ /var/tmp/diff_new_pack.alabR5/_new 2016-08-03 11:38:45.0 +0200 @@ -32,6 +32,7 @@ Patch6: wget-1.14-no-ssl-comp.patch # PATCH-FIX-OPENSUSE fix pod syntax for perl 5.18 co...@suse.de Patch7: wget-fix-pod-syntax.diff +Patch8: wget-errno-clobber.patch BuildRequires: automake BuildRequires: gpgme-devel >= 0.4.2 BuildRequires: libcares-devel @@ -77,6 +78,7 @@ %endif %patch6 %patch7 -p1 +%patch8 -p1 %build %if 0%{?suse_version} > 1110 ++ wget-errno-clobber.patch ++ Index: wget-1.18/src/http.c === --- wget-1.18.orig/src/http.c +++ wget-1.18/src/http.c @@ -1516,6 +1516,7 @@ persistent_available_p (const char *host active, registered connection". */ #define CLOSE_FINISH(fd) do { \ + int errno_sav = errno;\ if (!keep_alive) \ { \ if (pconn_active && (fd) == pconn.socket) \ @@ -1524,14 +1525,17 @@ persistent_available_p (const char *host fd_close (fd);\ fd = -1; \ } \ + errno = errno_sav;\ } while (0) #define CLOSE_INVALIDATE(fd) do { \ + int errno_sav = errno;\ if (pconn_active && (fd) == pconn.socket) \ invalidate_persistent (); \ else \ fd_close (fd); \ fd = -1; \ + errno = errno_sav;\ } while (0) struct http_stat ++ wget-libproxy.patch ++ --- /var/tmp/diff_new_pack.alabR5/_old 2016-08-03 11:38:45.0 +0200 +++ /var/tmp/diff_new_pack.alabR5/_new 2016-08-03 11:38:45.0 +0200 @@ -90,7 +90,7 @@ + } + for(i=0;proxies[i];i++) free(proxies[i]); + free(proxies); -+ free(pf); ++ px_proxy_factory_free(pf); + +if (!proxy || !*proxy) + return NULL;
commit wget for openSUSE:Factory
Hello community, here is the log from the commit of package wget for openSUSE:Factory checked in at 2016-06-13 21:52:17 Comparing /work/SRC/openSUSE:Factory/wget (Old) and /work/SRC/openSUSE:Factory/.wget.new (New) Package is "wget" Changes: --- /work/SRC/openSUSE:Factory/wget/wget.changes2015-12-17 15:52:24.0 +0100 +++ /work/SRC/openSUSE:Factory/.wget.new/wget.changes 2016-06-13 21:52:18.0 +0200 @@ -1,0 +2,21 @@ +Thu Jun 9 20:42:15 UTC 2016 - astie...@suse.com + +- GNU wget 1.18: + * On server redirects to a FTP resource, use the original URL to +get the local file name by default. CVE-2016-4971 (boo#984060) +This introduces a backward-incompatibility for HTTP->FTP +redirects and any script that relies on the old behaviour must +use --trust-server-names. + * Check the HSTS file is not world-writable before using it. + * Parse attributes on a recursive download. + * Fix problem with SNI server names having trailing dot(s) + * New options --bind-dns-address and --dns-servers. + * Convert non-ASCII URIs to the locale's codeset when creating +files. Encoding of remote files and URIs is taken from +--remote-encoding, defaulting to UTF-8. The result is that +non-ASCII URIs and files downloaded via HTTP/HTTPS and FTP will +have names on the local filesystem that correspond to their +remote names. +- build with gpgme, libcares2 + +--- Old: wget-1.17.1.tar.xz wget-1.17.1.tar.xz.sig New: wget-1.18.tar.xz wget-1.18.tar.xz.sig Other differences: -- ++ wget.spec ++ --- /var/tmp/diff_new_pack.PcndzV/_old 2016-06-13 21:52:19.0 +0200 +++ /var/tmp/diff_new_pack.PcndzV/_new 2016-06-13 21:52:19.0 +0200 @@ -1,7 +1,7 @@ # # spec file for package wget # -# Copyright (c) 2015 SUSE LINUX GmbH, Nuernberg, Germany. +# Copyright (c) 2016 SUSE LINUX GmbH, Nuernberg, Germany. # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed @@ -18,7 +18,7 @@ %bcond_withregression_tests Name: wget -Version:1.17.1 +Version:1.18 Release:0 Summary:A Tool for Mirroring FTP and HTTP Servers License:GPL-3.0+ @@ -33,6 +33,8 @@ # PATCH-FIX-OPENSUSE fix pod syntax for perl 5.18 co...@suse.de Patch7: wget-fix-pod-syntax.diff BuildRequires: automake +BuildRequires: gpgme-devel >= 0.4.2 +BuildRequires: libcares-devel BuildRequires: libidn-devel BuildRequires: libpng-devel BuildRequires: makeinfo @@ -43,6 +45,7 @@ PreReq: %{install_info_prereq} BuildRoot: %{_tmppath}/%{name}-%{version}-build %if %{?suse_version} > 1110 +BuildRequires: pkg-config BuildRequires: pkgconfig(libmetalink) BuildRequires: pkgconfig(libpcre) BuildRequires: pkgconfig(libpsl) @@ -82,6 +85,7 @@ %endif %configure \ --with-ssl=openssl \ + --with-cares \ --with-metalink make %{?_smp_mflags} @@ -91,7 +95,7 @@ %endif %install -make DESTDIR=%{buildroot} install %{?_smp_mflags} +make %{?_smp_mflags} DESTDIR=%{buildroot} install %find_lang %{name} %post ++ wget-1.17.1.tar.xz -> wget-1.18.tar.xz ++ 117173 lines of diff (skipped)
commit wget for openSUSE:Factory
Hello community, here is the log from the commit of package wget for openSUSE:Factory checked in at 2015-12-17 15:52:23 Comparing /work/SRC/openSUSE:Factory/wget (Old) and /work/SRC/openSUSE:Factory/.wget.new (New) Package is "wget" Changes: --- /work/SRC/openSUSE:Factory/wget/wget.changes2015-11-24 22:31:36.0 +0100 +++ /work/SRC/openSUSE:Factory/.wget.new/wget.changes 2015-12-17 15:52:24.0 +0100 @@ -1,0 +2,11 @@ +Sat Dec 12 09:35:06 UTC 2015 - astie...@suse.com + +- GNU wget 1.17.1: + * Fix compile error when IPv6 is disabled or SSL is not present + * Fix HSTS memory leak + * Fix progress output in non-C locales + * Fix SIGSEGV when -N and --content-disposition are used together + * Add --check-certificate=quiet to tell wget to not print any +warning about invalid certificates + +--- Old: wget-1.17.tar.xz wget-1.17.tar.xz.sig New: wget-1.17.1.tar.xz wget-1.17.1.tar.xz.sig Other differences: -- ++ wget.spec ++ --- /var/tmp/diff_new_pack.QCK5bm/_old 2015-12-17 15:52:25.0 +0100 +++ /var/tmp/diff_new_pack.QCK5bm/_new 2015-12-17 15:52:25.0 +0100 @@ -18,7 +18,7 @@ %bcond_withregression_tests Name: wget -Version:1.17 +Version:1.17.1 Release:0 Summary:A Tool for Mirroring FTP and HTTP Servers License:GPL-3.0+ ++ wget-1.17.tar.xz -> wget-1.17.1.tar.xz ++ 47337 lines of diff (skipped)
commit wget for openSUSE:Factory
Hello community, here is the log from the commit of package wget for openSUSE:Factory checked in at 2015-11-24 22:31:35 Comparing /work/SRC/openSUSE:Factory/wget (Old) and /work/SRC/openSUSE:Factory/.wget.new (New) Package is "wget" Changes: --- /work/SRC/openSUSE:Factory/wget/wget.changes2015-03-12 16:36:52.0 +0100 +++ /work/SRC/openSUSE:Factory/.wget.new/wget.changes 2015-11-24 22:31:36.0 +0100 @@ -1,0 +2,25 @@ +Wed Nov 18 10:15:45 UTC 2015 - astie...@suse.com + +- GNU wget 1.17: + * Remove FTP passive to active fallback due to privacy concerns. +[boo#944858] CVE-2015-7665 was assigned to this problem in a + tails context + * Add support for --if-modified-since. + * Add support for metalink through --input-metalink and +--metalink-over-http. + * Add support for HSTS through --hsts and --hsts-file. + * Add option to restrict filenames under VMS. + * Add support for --rejected-log which logs to a separate file the +reasons why URLs are being rejected and some context around it. + * Add support for FTPS. + * Do not download/save file on error when --spider enabled + * Add --convert-file-only option. This option converts only the +filename part of the URLs, leaving the rest of the URLs +untouched. +- packaging changes: + * enable metalink support (in ring1) + * use system pcre (in ring 0) + * use system libuuid (in ring 1) + * build with libpsl for cookie domain checking (new) + +--- Old: wget-1.16.3.tar.xz wget-1.16.3.tar.xz.sig New: wget-1.17.tar.xz wget-1.17.tar.xz.sig Other differences: -- ++ wget.spec ++ --- /var/tmp/diff_new_pack.99wR1W/_old 2015-11-24 22:31:37.0 +0100 +++ /var/tmp/diff_new_pack.99wR1W/_new 2015-11-24 22:31:37.0 +0100 @@ -17,39 +17,50 @@ %bcond_withregression_tests - Name: wget -Version:1.16.3 +Version:1.17 Release:0 Summary:A Tool for Mirroring FTP and HTTP Servers License:GPL-3.0+ Group: Productivity/Networking/Web/Utilities Url:https://www.gnu.org/software/wget/ -Source: https://ftp.gnu.org/gnu/wget/%name-%version.tar.xz -Source1:https://ftp.gnu.org/gnu/wget/%name-%version.tar.xz.sig +Source: https://ftp.gnu.org/gnu/wget/%{name}-%{version}.tar.xz +Source1:https://ftp.gnu.org/gnu/wget/%{name}-%{version}.tar.xz.sig Source2: https://savannah.gnu.org/project/memberlist-gpgkeys.php?group=wget=1#/wget.keyring Patch0: wgetrc.patch Patch1: wget-libproxy.patch Patch6: wget-1.14-no-ssl-comp.patch # PATCH-FIX-OPENSUSE fix pod syntax for perl 5.18 co...@suse.de Patch7: wget-fix-pod-syntax.diff -BuildRequires: libpng-devel -%if 0%{suse_version} > 1110 -BuildRequires: libproxy-devel -%endif BuildRequires: automake BuildRequires: libidn-devel +BuildRequires: libpng-devel BuildRequires: makeinfo BuildRequires: openssl-devel +BuildRequires: pkg-config >= 0.9.0 +BuildRequires: xz +# FIXME: use proper Requires(pre/post/preun/...) +PreReq: %{install_info_prereq} +BuildRoot: %{_tmppath}/%{name}-%{version}-build +%if %{?suse_version} > 1110 +BuildRequires: pkgconfig(libmetalink) +BuildRequires: pkgconfig(libpcre) +BuildRequires: pkgconfig(libpsl) +BuildRequires: pkgconfig(uuid) +%else +BuildRequires: libmetalink-devel +BuildRequires: libpsl-devel +BuildRequires: libuuid-devel +BuildRequires: pcre-devel +%endif +%if 0%{?suse_version} > 1110 +BuildRequires: libproxy-devel +%endif %if %{with regression_tests} # For the Testsuite BuildRequires: perl-HTTP-Daemon BuildRequires: perl-IO-Socket-SSL %endif -BuildRequires: pkg-config -BuildRequires: xz -PreReq: %install_info_prereq -BuildRoot: %{_tmppath}/%{name}-%{version}-build %description Wget enables you to retrieve WWW documents or FTP files from a server. @@ -58,27 +69,29 @@ %prep %setup -q %patch0 -%if 0%{suse_version} > 1110 +%if 0%{?suse_version} > 1110 %patch1 -p1 %endif %patch6 %patch7 -p1 %build -%if 0%{suse_version} > 1110 +%if 0%{?suse_version} > 1110 # only wget-libproxy.patch needs this autoreconf --force %endif -%configure --with-ssl=openssl +%configure \ + --with-ssl=openssl \ + --with-metalink make %{?_smp_mflags} %check %if %{with regression_tests} -make -C tests/ check +make %{?_smp_mflags} -C tests/ check %endif %install -%makeinstall +make DESTDIR=%{buildroot} install %{?_smp_mflags} %find_lang %{name} %post ++ wget-1.16.3.tar.xz -> wget-1.17.tar.xz ++ 160197 lines of diff (skipped) ++ wget-libproxy.patch ++ ---
commit wget for openSUSE:Factory
Hello community, here is the log from the commit of package wget for openSUSE:Factory checked in at 2015-03-12 16:36:50 Comparing /work/SRC/openSUSE:Factory/wget (Old) and /work/SRC/openSUSE:Factory/.wget.new (New) Package is wget Changes: --- /work/SRC/openSUSE:Factory/wget/wget.changes2015-03-05 18:15:17.0 +0100 +++ /work/SRC/openSUSE:Factory/.wget.new/wget.changes 2015-03-12 16:36:52.0 +0100 @@ -1,0 +2,7 @@ +Mon Mar 9 14:05:22 UTC 2015 - astie...@suse.com + +- GNU wget 1.16.3: + * Fix a regression introduced by wget 1.16.2 that --quiet is not +really quiet anymore. + +--- Old: wget-1.16.2.tar.xz wget-1.16.2.tar.xz.sig New: wget-1.16.3.tar.xz wget-1.16.3.tar.xz.sig Other differences: -- ++ wget.spec ++ --- /var/tmp/diff_new_pack.uoWRFg/_old 2015-03-12 16:36:53.0 +0100 +++ /var/tmp/diff_new_pack.uoWRFg/_new 2015-03-12 16:36:53.0 +0100 @@ -19,7 +19,7 @@ %bcond_withregression_tests Name: wget -Version:1.16.2 +Version:1.16.3 Release:0 Summary:A Tool for Mirroring FTP and HTTP Servers License:GPL-3.0+ ++ wget-1.16.2.tar.xz - wget-1.16.3.tar.xz ++ 57010 lines of diff (skipped) -- To unsubscribe, e-mail: opensuse-commit+unsubscr...@opensuse.org For additional commands, e-mail: opensuse-commit+h...@opensuse.org
commit wget for openSUSE:Factory
Hello community, here is the log from the commit of package wget for openSUSE:Factory checked in at 2015-03-05 15:34:10 Comparing /work/SRC/openSUSE:Factory/wget (Old) and /work/SRC/openSUSE:Factory/.wget.new (New) Package is wget Changes: --- /work/SRC/openSUSE:Factory/wget/wget.changes2014-12-29 00:32:06.0 +0100 +++ /work/SRC/openSUSE:Factory/.wget.new/wget.changes 2015-03-05 18:15:17.0 +0100 @@ -1,0 +2,10 @@ +Tue Mar 3 07:42:21 UTC 2015 - astie...@suse.com + +- GNU wget 1.16.2: + * Allow progress bar on stderr when -o is used. + * Accept 5-digit port numbers in FTP EPSV responses. + * Support older versions of flex. + * Updated translations. +- drop wget-1.14-openssl-no-intern.patch, now upstream + +--- Old: wget-1.14-openssl-no-intern.patch wget-1.16.1.tar.xz wget-1.16.1.tar.xz.sig New: wget-1.16.2.tar.xz wget-1.16.2.tar.xz.sig Other differences: -- ++ wget.spec ++ --- /var/tmp/diff_new_pack.OPUnpL/_old 2015-03-05 18:15:19.0 +0100 +++ /var/tmp/diff_new_pack.OPUnpL/_new 2015-03-05 18:15:19.0 +0100 @@ -1,7 +1,7 @@ # # spec file for package wget # -# Copyright (c) 2014 SUSE LINUX Products GmbH, Nuernberg, Germany. +# Copyright (c) 2015 SUSE LINUX GmbH, Nuernberg, Germany. # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed @@ -19,7 +19,7 @@ %bcond_withregression_tests Name: wget -Version:1.16.1 +Version:1.16.2 Release:0 Summary:A Tool for Mirroring FTP and HTTP Servers License:GPL-3.0+ @@ -30,7 +30,6 @@ Source2: https://savannah.gnu.org/project/memberlist-gpgkeys.php?group=wgetdownload=1#/wget.keyring Patch0: wgetrc.patch Patch1: wget-libproxy.patch -Patch5: wget-1.14-openssl-no-intern.patch Patch6: wget-1.14-no-ssl-comp.patch # PATCH-FIX-OPENSUSE fix pod syntax for perl 5.18 co...@suse.de Patch7: wget-fix-pod-syntax.diff @@ -62,7 +61,6 @@ %if 0%{suse_version} 1110 %patch1 -p1 %endif -%patch5 -p1 %patch6 %patch7 -p1 ++ wget-1.16.1.tar.xz - wget-1.16.2.tar.xz ++ 153866 lines of diff (skipped) -- To unsubscribe, e-mail: opensuse-commit+unsubscr...@opensuse.org For additional commands, e-mail: opensuse-commit+h...@opensuse.org
commit wget for openSUSE:Factory
Hello community, here is the log from the commit of package wget for openSUSE:Factory checked in at 2014-11-03 13:11:06 Comparing /work/SRC/openSUSE:Factory/wget (Old) and /work/SRC/openSUSE:Factory/.wget.new (New) Package is wget Changes: --- /work/SRC/openSUSE:Factory/wget/wget.changes2014-06-19 13:19:41.0 +0200 +++ /work/SRC/openSUSE:Factory/.wget.new/wget.changes 2014-11-03 13:11:12.0 +0100 @@ -1,0 +2,19 @@ +Wed Oct 29 20:37:47 UTC 2014 - andreas.stie...@gmx.de + +- GNU wget 1.16: + This release contains a fix for symlink attack which could allow + a malicious ftp server to create arbitrary files, directories or + symbolic links and set their permissions when retrieving a + directory recursively through FTP. [CVE-2014-4877] [boo#902709] + * No longer create local symbolic links by default +--retr-symlinks=no option restores previous behaviour + * Use libpsl for verifying cookie domains. + * Default progress bar output changed. + * Introduce --show-progress to force display the progress bar. + * Introduce --no-config. The wgetrc files will not be read. + * Introduce --start-pos to allow starting downloads from a specified position. + * Fix a problem with ISA Server Proxy and keep-alive connections. +- refresh wget-libproxy.patch for upstream changes +- make some dependencies only required for testsuite optional + +--- Old: wget-1.15.tar.xz wget-1.15.tar.xz.sig New: wget-1.16.tar.xz wget-1.16.tar.xz.sig Other differences: -- ++ wget.spec ++ --- /var/tmp/diff_new_pack.wezBc2/_old 2014-11-03 13:11:13.0 +0100 +++ /var/tmp/diff_new_pack.wezBc2/_new 2014-11-03 13:11:13.0 +0100 @@ -19,7 +19,7 @@ %bcond_withregression_tests Name: wget -Version:1.15 +Version:1.16 Release:0 Summary:A Tool for Mirroring FTP and HTTP Servers License:GPL-3.0+ @@ -42,10 +42,11 @@ BuildRequires: libidn-devel BuildRequires: makeinfo BuildRequires: openssl-devel +%if %{with regression_tests} # For the Testsuite BuildRequires: perl-HTTP-Daemon BuildRequires: perl-IO-Socket-SSL - +%endif BuildRequires: pkg-config BuildRequires: xz PreReq: %install_info_prereq @@ -59,7 +60,7 @@ %setup -q %patch0 %if 0%{suse_version} 1110 -%patch1 +%patch1 -p1 %endif %patch5 -p1 %patch6 ++ wget-1.15.tar.xz - wget-1.16.tar.xz ++ 140935 lines of diff (skipped) ++ wget-libproxy.patch ++ --- /var/tmp/diff_new_pack.wezBc2/_old 2014-11-03 13:11:14.0 +0100 +++ /var/tmp/diff_new_pack.wezBc2/_new 2014-11-03 13:11:14.0 +0100 @@ -1,11 +1,18 @@ -Index: configure.ac +--- + configure.ac | 16 + src/Makefile.am |2 +- + src/retr.c| 37 + + tests/Makefile.am |1 + + 4 files changed, 55 insertions(+), 1 deletion(-) + +Index: wget-1.16/configure.ac === configure.ac.orig -+++ configure.ac -@@ -338,6 +338,22 @@ else - fi +--- wget-1.16.orig/configure.ac2014-10-29 20:41:01.0 + wget-1.16/configure.ac 2014-10-29 20:41:05.0 + +@@ -366,6 +366,22 @@ else fi + +dnl +dnl libproxy support +dnl @@ -25,31 +32,24 @@ dnl ** dnl Checks for IPv6 dnl ** -Index: src/Makefile.am +Index: wget-1.16/src/Makefile.am === src/Makefile.am.orig -+++ src/Makefile.am +--- wget-1.16.orig/src/Makefile.am 2014-10-29 20:41:01.0 + wget-1.16/src/Makefile.am 2014-10-29 20:41:05.0 + @@ -37,7 +37,7 @@ endif # The following line is losing on some versions of make! - DEFS = @DEFS@ -DSYSTEM_WGETRC=\$(sysconfdir)/wgetrc\ -DLOCALEDIR=\$(localedir)\ --LIBS = @LIBICONV@ @LIBINTL@ @LIBS@ $(LIB_CLOCK_GETTIME) -+LIBS = @LIBICONV@ @LIBINTL@ @libproxy_LIBS@ @LIBS@ $(LIB_CLOCK_GETTIME) + DEFS += -DSYSTEM_WGETRC=\$(sysconfdir)/wgetrc\ -DLOCALEDIR=\$(localedir)\ +-LIBS += $(LIBICONV) $(LIBINTL) $(LIB_CLOCK_GETTIME) ++LIBS += $(LIBICONV) $(LIBINTL) $(libproxy_LIBS) $(LIB_CLOCK_GETTIME) EXTRA_DIST = css.l css.c css_.c build_info.c.in -Index: tests/Makefile.am +Index: wget-1.16/src/retr.c === tests/Makefile.am.orig -+++ tests/Makefile.am -@@ -37,1 +37,1 @@ --LIBS = @LIBICONV@ @LIBINTL@ @LIBS@ $(LIB_CLOCK_GETTIME) -+LIBS = @LIBICONV@ @LIBINTL@
commit wget for openSUSE:Factory
Hello community, here is the log from the commit of package wget for openSUSE:Factory checked in at 2014-06-19 13:19:38 Comparing /work/SRC/openSUSE:Factory/wget (Old) and /work/SRC/openSUSE:Factory/.wget.new (New) Package is wget Changes: --- /work/SRC/openSUSE:Factory/wget/wget.changes2014-01-24 21:42:41.0 +0100 +++ /work/SRC/openSUSE:Factory/.wget.new/wget.changes 2014-06-19 13:19:41.0 +0200 @@ -1,0 +2,5 @@ +Sun Jun 8 07:19:29 UTC 2014 - andreas.stie...@gmx.de + +- Disable the testsuite + +--- Other differences: -- ++ wget.spec ++ --- /var/tmp/diff_new_pack.E0kvSV/_old 2014-06-19 13:19:42.0 +0200 +++ /var/tmp/diff_new_pack.E0kvSV/_new 2014-06-19 13:19:42.0 +0200 @@ -16,6 +16,8 @@ # +%bcond_withregression_tests + Name: wget Version:1.15 Release:0 @@ -72,7 +74,9 @@ make %{?_smp_mflags} %check +%if %{with regression_tests} make -C tests/ check +%endif %install %makeinstall -- To unsubscribe, e-mail: opensuse-commit+unsubscr...@opensuse.org For additional commands, e-mail: opensuse-commit+h...@opensuse.org
commit wget for openSUSE:Factory
Hello community, here is the log from the commit of package wget for openSUSE:Factory checked in at 2014-01-24 21:42:39 Comparing /work/SRC/openSUSE:Factory/wget (Old) and /work/SRC/openSUSE:Factory/.wget.new (New) Package is wget Changes: --- /work/SRC/openSUSE:Factory/wget/wget.changes2014-01-23 15:58:05.0 +0100 +++ /work/SRC/openSUSE:Factory/.wget.new/wget.changes 2014-01-24 21:42:41.0 +0100 @@ -1,0 +2,6 @@ +Tue Jan 21 15:32:00 UTC 2014 - kpet...@suse.com + +- Enabled the testsuite +- Modified libproxy.patch to include Makefile in tests/ + +--- Other differences: -- ++ wget.spec ++ --- /var/tmp/diff_new_pack.OgHPU7/_old 2014-01-24 21:42:42.0 +0100 +++ /var/tmp/diff_new_pack.OgHPU7/_new 2014-01-24 21:42:42.0 +0100 @@ -27,7 +27,6 @@ Source1:https://ftp.gnu.org/gnu/wget/%name-%version.tar.xz.sig Source2: https://savannah.gnu.org/project/memberlist-gpgkeys.php?group=wgetdownload=1#/wget.keyring Patch0: wgetrc.patch -# PATCH-FEATURE-UPSTREAM wget-libproxy.patch dims...@opensuse.org -- Add libproxy support to wget Patch1: wget-libproxy.patch Patch5: wget-1.14-openssl-no-intern.patch Patch6: wget-1.14-no-ssl-comp.patch @@ -41,6 +40,10 @@ BuildRequires: libidn-devel BuildRequires: makeinfo BuildRequires: openssl-devel +# For the Testsuite +BuildRequires: perl-HTTP-Daemon +BuildRequires: perl-IO-Socket-SSL + BuildRequires: pkg-config BuildRequires: xz PreReq: %install_info_prereq @@ -68,6 +71,9 @@ %configure --with-ssl=openssl make %{?_smp_mflags} +%check +make -C tests/ check + %install %makeinstall %find_lang %{name} ++ wget-libproxy.patch ++ --- /var/tmp/diff_new_pack.OgHPU7/_old 2014-01-24 21:42:42.0 +0100 +++ /var/tmp/diff_new_pack.OgHPU7/_new 2014-01-24 21:42:42.0 +0100 @@ -38,6 +38,13 @@ EXTRA_DIST = css.l css.c css_.c build_info.c.in +Index: tests/Makefile.am +=== +--- tests/Makefile.am.orig tests/Makefile.am +@@ -37,1 +37,1 @@ +-LIBS = @LIBICONV@ @LIBINTL@ @LIBS@ $(LIB_CLOCK_GETTIME) ++LIBS = @LIBICONV@ @LIBINTL@ @libproxy_LIBS@ @LIBS@ $(LIB_CLOCK_GETTIME) Index: src/retr.c === --- src/retr.c.orig @@ -94,3 +101,5 @@ /* Handle shorthands. `rewritten_storage' is a kludge to allow getproxy() to return static storage. */ + + -- To unsubscribe, e-mail: opensuse-commit+unsubscr...@opensuse.org For additional commands, e-mail: opensuse-commit+h...@opensuse.org
commit wget for openSUSE:Factory
Hello community, here is the log from the commit of package wget for openSUSE:Factory checked in at 2014-01-22 10:14:08 Comparing /work/SRC/openSUSE:Factory/wget (Old) and /work/SRC/openSUSE:Factory/.wget.new (New) Package is wget Changes: --- /work/SRC/openSUSE:Factory/wget/wget.changes2013-06-26 20:25:15.0 +0200 +++ /work/SRC/openSUSE:Factory/.wget.new/wget.changes 2014-01-23 15:58:05.0 +0100 @@ -1,0 +2,25 @@ +Sun Jan 19 22:02:25 UTC 2014 - andreas.stie...@gmx.de + +- GNU wget 1.15 + * Add support for --method. + * Add support for file names longer than MAX_FILE. + * Support FTP listing for the FTP Server on Windows Server 2008 R2. + * Fix a regression when -c and --content-disposition are used together. + * Support shorthand URLs in an input file. + * Fix -c with servers that don't specify a content-length. + * Add support for MD5-SESS + * Do not fail on non fatal GNU TLS alerts during handshake. + * Add support for --https-only. When used wget will follow only + * HTTPS links in recursive mode. + * Support Perfect-Forward Secrecy in --secure-protocol. + * Fix a problem with some IRI links that are not followed when contained in a + * HTML document. + * Support some FTP servers that return an empty list with LIST -a. + * Specify Host with the HTTP CONNECT method. + * Use the correct HTTP method on a redirection. +- verify source tarball signatures +- modified patches: + * wget-1.14-openssl-no-intern.patch for upstream changes + * wget-fix-pod-syntax.diff for upstream changes + +--- Old: wget-1.14.tar.xz New: wget-1.15.tar.xz wget-1.15.tar.xz.sig wget.keyring Other differences: -- ++ wget.spec ++ --- /var/tmp/diff_new_pack.vfYnPj/_old 2014-01-23 15:58:05.0 +0100 +++ /var/tmp/diff_new_pack.vfYnPj/_new 2014-01-23 15:58:05.0 +0100 @@ -1,7 +1,7 @@ # # spec file for package wget # -# Copyright (c) 2013 SUSE LINUX Products GmbH, Nuernberg, Germany. +# Copyright (c) 2014 SUSE LINUX Products GmbH, Nuernberg, Germany. # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed @@ -17,13 +17,15 @@ Name: wget -Version:1.14 +Version:1.15 Release:0 Summary:A Tool for Mirroring FTP and HTTP Servers License:GPL-3.0+ Group: Productivity/Networking/Web/Utilities -Url:http://www.gnu.org/software/wget/ -Source: http://ftp.gnu.org/gnu/wget/%name-%version.tar.xz +Url:https://www.gnu.org/software/wget/ +Source: https://ftp.gnu.org/gnu/wget/%name-%version.tar.xz +Source1:https://ftp.gnu.org/gnu/wget/%name-%version.tar.xz.sig +Source2: https://savannah.gnu.org/project/memberlist-gpgkeys.php?group=wgetdownload=1#/wget.keyring Patch0: wgetrc.patch # PATCH-FEATURE-UPSTREAM wget-libproxy.patch dims...@opensuse.org -- Add libproxy support to wget Patch1: wget-libproxy.patch @@ -54,7 +56,7 @@ %if 0%{suse_version} 1110 %patch1 %endif -%patch5 +%patch5 -p1 %patch6 %patch7 -p1 ++ wget-1.14-openssl-no-intern.patch ++ --- /var/tmp/diff_new_pack.vfYnPj/_old 2014-01-23 15:58:05.0 +0100 +++ /var/tmp/diff_new_pack.vfYnPj/_new 2014-01-23 15:58:05.0 +0100 @@ -1,6 +1,12 @@ src/openssl.c.orig -+++ src/openssl.c -@@ -29,6 +29,7 @@ +--- + src/openssl.c |3 ++- + 1 file changed, 2 insertions(+), 1 deletion(-) + +Index: wget-1.15/src/openssl.c +=== +--- wget-1.15.orig/src/openssl.c 2014-01-19 21:35:59.0 + wget-1.15/src/openssl.c2014-01-19 21:37:27.0 + +@@ -29,6 +29,7 @@ Corresponding Source for a non-source fo shall include the source code for the parts of OpenSSL used as well as that of the covered work. */ @@ -8,12 +14,12 @@ #include wget.h #include assert.h -@@ -425,7 +426,7 @@ - if (!SSL_set_fd (conn, FD_TO_SOCKET (fd))) - goto error; - SSL_set_connect_state (conn); -- if (SSL_connect (conn) = 0 || conn-state != SSL_ST_OK) -+ if (SSL_connect (conn) = 0 || SSL_get_state(conn) != SSL_ST_OK) +@@ -479,7 +480,7 @@ ssl_connect_wget (int fd, const char *ho + DEBUGP ((SSL handshake timed out.\n)); + goto timeout; + } +- if (scwt_ctx.result = 0 || conn-state != SSL_ST_OK) ++ if (scwt_ctx.result = 0 || SSL_get_state(conn) != SSL_ST_OK) goto error; ctx = xnew0 (struct openssl_transport_context); ++ wget-1.14.tar.xz - wget-1.15.tar.xz ++ 156528 lines of diff (skipped) ++ wget-fix-pod-syntax.diff ++
commit wget for openSUSE:Factory
Hello community, here is the log from the commit of package wget for openSUSE:Factory checked in at 2013-05-03 13:52:48 Comparing /work/SRC/openSUSE:Factory/wget (Old) and /work/SRC/openSUSE:Factory/.wget.new (New) Package is wget Changes: --- /work/SRC/openSUSE:Factory/wget/wget.changes2013-05-03 07:40:54.0 +0200 +++ /work/SRC/openSUSE:Factory/.wget.new/wget.changes 2013-05-03 13:52:50.0 +0200 @@ -1,0 +2,24 @@ +Thu May 2 17:50:50 UTC 2013 - p.drou...@gmail.com + +- Update to version 1.14 + + add support for content-on-error. It allows to store the HTTP +payload on 4xx or 5xx errors. + + add support for WARC files. + + fix a memory leak problem in the GNU TLS backend. + + autoreconf works again for distributed tarballs. + + print some diagnostic messages to stderr not to stdout. + + report stdout close errors. + + accept the --report-speed option. + + enable client certificates when GNU TLS is used. + + add support for TLS Server Name Indication. + + accept the arguments --accept-reject and --reject-regex. + + the GNU TLS backend honors correctly the timeout value. + + add support for RFC 2617 Digest Access Authentication. +- Drop patchs obsoleted by upstream + + wget-sni.patch + + wget-stdio.h.patch +- Rebase patchs to work with upstream + + wget-openssl-no-intern.patch wget-1.14-openssl-no-intern.patch + + wget-no-ssl-comp.patch wget-1.14-no-ssl-comp.patch + +--- Old: wget-1.13.4.tar.bz2 wget-no-ssl-comp.patch wget-openssl-no-intern.patch wget-sni.patch wget-stdio.h.patch New: wget-1.14-no-ssl-comp.patch wget-1.14-openssl-no-intern.patch wget-1.14.tar.xz Other differences: -- ++ wget.spec ++ --- /var/tmp/diff_new_pack.KzGonQ/_old 2013-05-03 13:52:52.0 +0200 +++ /var/tmp/diff_new_pack.KzGonQ/_new 2013-05-03 13:52:52.0 +0200 @@ -17,20 +17,18 @@ Name: wget -Version:1.13.4 +Version:1.14 Release:0 Summary:A Tool for Mirroring FTP and HTTP Servers License:GPL-3.0+ Group: Productivity/Networking/Web/Utilities Url:http://www.gnu.org/software/wget/ -Source: http://ftp.gnu.org/gnu/wget/%name-%version.tar.bz2 +Source: http://ftp.gnu.org/gnu/wget/%name-%version.tar.xz Patch0: wgetrc.patch # PATCH-FEATURE-UPSTREAM wget-libproxy.patch dims...@opensuse.org -- Add libproxy support to wget Patch1: wget-libproxy.patch -Patch3: wget-sni.patch -Patch4: wget-stdio.h.patch -Patch5: wget-openssl-no-intern.patch -Patch6: wget-no-ssl-comp.patch +Patch5: wget-1.14-openssl-no-intern.patch +Patch6: wget-1.14-no-ssl-comp.patch BuildRequires: libpng-devel %if 0%{suse_version} 1110 BuildRequires: libproxy-devel @@ -40,6 +38,7 @@ BuildRequires: makeinfo BuildRequires: openssl-devel BuildRequires: pkg-config +BuildRequires: xz PreReq: %install_info_prereq BuildRoot: %{_tmppath}/%{name}-%{version}-build @@ -53,8 +52,6 @@ %if 0%{suse_version} 1110 %patch1 %endif -%patch3 -%patch4 -p1 %patch5 %patch6 ++ wget-1.14-no-ssl-comp.patch ++ --- src/openssl.c.orig +++ src/openssl.c @@ -241,7 +241,9 @@ /* The OpenSSL library can handle renegotiations automatically, so tell it to do so. */ SSL_CTX_set_mode (ssl_ctx, SSL_MODE_AUTO_RETRY); - +#ifdef SSL_OP_NO_COMPRESSION + SSL_CTX_set_options(ssl_ctx, SSL_OP_NO_COMPRESSION); +#endif return true; error: ++ wget-1.14-openssl-no-intern.patch ++ --- src/openssl.c.orig +++ src/openssl.c @@ -29,6 +29,7 @@ shall include the source code for the parts of OpenSSL used as well as that of the covered work. */ +#define OPENSSL_NO_SSL_INTERN #include wget.h #include assert.h @@ -425,7 +426,7 @@ if (!SSL_set_fd (conn, FD_TO_SOCKET (fd))) goto error; SSL_set_connect_state (conn); - if (SSL_connect (conn) = 0 || conn-state != SSL_ST_OK) + if (SSL_connect (conn) = 0 || SSL_get_state(conn) != SSL_ST_OK) goto error; ctx = xnew0 (struct openssl_transport_context); -- To unsubscribe, e-mail: opensuse-commit+unsubscr...@opensuse.org For additional commands, e-mail: opensuse-commit+h...@opensuse.org
commit wget for openSUSE:Factory
Hello community, here is the log from the commit of package wget for openSUSE:Factory checked in at 2013-05-03 07:40:53 Comparing /work/SRC/openSUSE:Factory/wget (Old) and /work/SRC/openSUSE:Factory/.wget.new (New) Package is wget Changes: --- /work/SRC/openSUSE:Factory/wget/wget.changes2013-04-05 13:23:07.0 +0200 +++ /work/SRC/openSUSE:Factory/.wget.new/wget.changes 2013-05-03 07:40:54.0 +0200 @@ -1,0 +2,5 @@ +Thu May 2 09:49:33 UTC 2013 - seife+...@b1-systems.com + +- add makeinfo BuildRequires to fix build + +--- Other differences: -- ++ wget.spec ++ --- /var/tmp/diff_new_pack.89CveG/_old 2013-05-03 07:40:55.0 +0200 +++ /var/tmp/diff_new_pack.89CveG/_new 2013-05-03 07:40:55.0 +0200 @@ -37,6 +37,7 @@ %endif BuildRequires: automake BuildRequires: libidn-devel +BuildRequires: makeinfo BuildRequires: openssl-devel BuildRequires: pkg-config PreReq: %install_info_prereq -- To unsubscribe, e-mail: opensuse-commit+unsubscr...@opensuse.org For additional commands, e-mail: opensuse-commit+h...@opensuse.org
commit wget for openSUSE:Factory
Hello community, here is the log from the commit of package wget for openSUSE:Factory checked in at 2013-04-05 13:23:06 Comparing /work/SRC/openSUSE:Factory/wget (Old) and /work/SRC/openSUSE:Factory/.wget.new (New) Package is wget, Maintainer is m...@suse.com Changes: --- /work/SRC/openSUSE:Factory/wget/wget.changes2012-11-12 11:22:24.0 +0100 +++ /work/SRC/openSUSE:Factory/.wget.new/wget.changes 2013-04-05 13:23:07.0 +0200 @@ -1,0 +2,5 @@ +Fri Apr 5 09:51:58 UTC 2013 - idon...@suse.com + +- Add Source URL, see https://en.opensuse.org/SourceUrls + +--- Other differences: -- ++ wget.spec ++ --- /var/tmp/diff_new_pack.eHTGzS/_old 2013-04-05 13:23:08.0 +0200 +++ /var/tmp/diff_new_pack.eHTGzS/_new 2013-04-05 13:23:08.0 +0200 @@ -1,7 +1,7 @@ # # spec file for package wget # -# Copyright (c) 2012 SUSE LINUX Products GmbH, Nuernberg, Germany. +# Copyright (c) 2013 SUSE LINUX Products GmbH, Nuernberg, Germany. # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed @@ -23,8 +23,7 @@ License:GPL-3.0+ Group: Productivity/Networking/Web/Utilities Url:http://www.gnu.org/software/wget/ -Source: %name-%version.tar.bz2 -# PATCH-MISSING-TAG -- See http://wiki.opensuse.org/Packaging/Patches +Source: http://ftp.gnu.org/gnu/wget/%name-%version.tar.bz2 Patch0: wgetrc.patch # PATCH-FEATURE-UPSTREAM wget-libproxy.patch dims...@opensuse.org -- Add libproxy support to wget Patch1: wget-libproxy.patch -- To unsubscribe, e-mail: opensuse-commit+unsubscr...@opensuse.org For additional commands, e-mail: opensuse-commit+h...@opensuse.org
commit wget for openSUSE:Factory
Hello community, here is the log from the commit of package wget for openSUSE:Factory checked in at 2012-11-12 11:22:23 Comparing /work/SRC/openSUSE:Factory/wget (Old) and /work/SRC/openSUSE:Factory/.wget.new (New) Package is wget, Maintainer is m...@suse.com Changes: --- /work/SRC/openSUSE:Factory/wget/wget.changes2012-10-03 10:14:47.0 +0200 +++ /work/SRC/openSUSE:Factory/.wget.new/wget.changes 2012-11-12 11:22:24.0 +0100 @@ -1,0 +2,6 @@ +Mon Nov 12 02:04:05 UTC 2012 - crrodrig...@opensuse.org + +- wget-no-ssl-comp.patch: Since the apperance of the CRIME attack + (CVE-2012-4929) HTTPS clients must not negotatiate ssl compression. + +--- New: wget-no-ssl-comp.patch Other differences: -- ++ wget.spec ++ --- /var/tmp/diff_new_pack.VdVxfL/_old 2012-11-12 11:22:25.0 +0100 +++ /var/tmp/diff_new_pack.VdVxfL/_new 2012-11-12 11:22:25.0 +0100 @@ -31,6 +31,7 @@ Patch3: wget-sni.patch Patch4: wget-stdio.h.patch Patch5: wget-openssl-no-intern.patch +Patch6: wget-no-ssl-comp.patch BuildRequires: libpng-devel %if 0%{suse_version} 1110 BuildRequires: libproxy-devel @@ -55,6 +56,7 @@ %patch3 %patch4 -p1 %patch5 +%patch6 %build %if 0%{suse_version} 1110 ++ wget-no-ssl-comp.patch ++ --- src/openssl.c.orig +++ src/openssl.c @@ -248,6 +248,10 @@ ssl_init () /* Keep memory usage as low as possible */ SSL_CTX_set_mode (ssl_ctx, SSL_MODE_RELEASE_BUFFERS); #endif +#ifdef SSL_OP_NO_COMPRESSION + SSL_CTX_set_options(ssl_ctx, SSL_OP_NO_COMPRESSION); +#endif + return true; error: -- To unsubscribe, e-mail: opensuse-commit+unsubscr...@opensuse.org For additional commands, e-mail: opensuse-commit+h...@opensuse.org
commit wget for openSUSE:Factory
Hello community, here is the log from the commit of package wget for openSUSE:Factory checked in at 2012-10-03 10:14:46 Comparing /work/SRC/openSUSE:Factory/wget (Old) and /work/SRC/openSUSE:Factory/.wget.new (New) Package is wget, Maintainer is m...@suse.com Changes: --- /work/SRC/openSUSE:Factory/wget/wget.changes2012-07-30 11:49:51.0 +0200 +++ /work/SRC/openSUSE:Factory/.wget.new/wget.changes 2012-10-03 10:14:47.0 +0200 @@ -1,0 +2,7 @@ +Thu Sep 27 13:46:49 UTC 2012 - crrodrig...@opensuse.org + +- Add wget-openssl-no-intern.patch to Build with OPENSSL_NO_SSL_INTERN, + which is openssl's poor man's version of visibility, to avoid breaking + applications ABI on library internal changes. + +--- New: wget-openssl-no-intern.patch Other differences: -- ++ wget.spec ++ --- /var/tmp/diff_new_pack.cLesMG/_old 2012-10-03 10:14:48.0 +0200 +++ /var/tmp/diff_new_pack.cLesMG/_new 2012-10-03 10:14:48.0 +0200 @@ -30,6 +30,7 @@ Patch1: wget-libproxy.patch Patch3: wget-sni.patch Patch4: wget-stdio.h.patch +Patch5: wget-openssl-no-intern.patch BuildRequires: libpng-devel %if 0%{suse_version} 1110 BuildRequires: libproxy-devel @@ -53,6 +54,7 @@ %endif %patch3 %patch4 -p1 +%patch5 %build %if 0%{suse_version} 1110 ++ wget-openssl-no-intern.patch ++ --- src/openssl.c.orig +++ src/openssl.c @@ -29,6 +29,7 @@ Corresponding Source for a non-source fo shall include the source code for the parts of OpenSSL used as well as that of the covered work. */ +#define OPENSSL_NO_SSL_INTERN #include wget.h #include assert.h @@ -429,7 +430,7 @@ ssl_connect_wget (int fd, const char *ho if (!SSL_set_fd (conn, FD_TO_SOCKET (fd))) goto error; SSL_set_connect_state (conn); - if (SSL_connect (conn) = 0 || conn-state != SSL_ST_OK) + if (SSL_connect (conn) = 0 || SSL_get_state(conn) != SSL_ST_OK) goto error; ctx = xnew0 (struct openssl_transport_context); -- To unsubscribe, e-mail: opensuse-commit+unsubscr...@opensuse.org For additional commands, e-mail: opensuse-commit+h...@opensuse.org
commit wget for openSUSE:Factory
Hello community, here is the log from the commit of package wget for openSUSE:Factory checked in at 2012-07-30 11:18:56 Comparing /work/SRC/openSUSE:Factory/wget (Old) and /work/SRC/openSUSE:Factory/.wget.new (New) Package is wget, Maintainer is m...@suse.com Changes: --- /work/SRC/openSUSE:Factory/wget/wget.changes2012-03-22 13:47:15.0 +0100 +++ /work/SRC/openSUSE:Factory/.wget.new/wget.changes 2012-07-30 11:49:51.0 +0200 @@ -1,0 +2,5 @@ +Fri Jul 27 20:03:31 UTC 2012 - a...@suse.de + +- Fix build with missing gets declaration (glibc 2.16) + +--- New: wget-stdio.h.patch Other differences: -- ++ wget.spec ++ --- /var/tmp/diff_new_pack.i9Ztn8/_old 2012-07-30 11:49:56.0 +0200 +++ /var/tmp/diff_new_pack.i9Ztn8/_new 2012-07-30 11:49:56.0 +0200 @@ -29,6 +29,7 @@ # PATCH-FEATURE-UPSTREAM wget-libproxy.patch dims...@opensuse.org -- Add libproxy support to wget Patch1: wget-libproxy.patch Patch3: wget-sni.patch +Patch4: wget-stdio.h.patch BuildRequires: libpng-devel %if 0%{suse_version} 1110 BuildRequires: libproxy-devel @@ -51,6 +52,7 @@ %patch1 %endif %patch3 +%patch4 -p1 %build %if 0%{suse_version} 1110 ++ wget-stdio.h.patch ++ Index: wget-1.13.4/lib/stdio.in.h === --- wget-1.13.4.orig/lib/stdio.in.h +++ wget-1.13.4/lib/stdio.in.h @@ -694,10 +694,12 @@ _GL_CXXALIAS_SYS (gets, char *, (char *s # undef gets # endif _GL_CXXALIASWARN (gets); +# if HAVE_RAW_DECL_GETS /* It is very rare that the developer ever has full control of stdin, so any use of gets warrants an unconditional warning. Assume it is always declared, since it is required by C89. */ _GL_WARN_ON_USE (gets, gets is a security hole - use fgets instead); +# endif #endif -- To unsubscribe, e-mail: opensuse-commit+unsubscr...@opensuse.org For additional commands, e-mail: opensuse-commit+h...@opensuse.org
commit wget for openSUSE:Factory
Hello community, here is the log from the commit of package wget for openSUSE:Factory checked in at 2012-03-22 13:45:56 Comparing /work/SRC/openSUSE:Factory/wget (Old) and /work/SRC/openSUSE:Factory/.wget.new (New) Package is wget, Maintainer is m...@suse.com Changes: --- /work/SRC/openSUSE:Factory/wget/wget.changes2011-12-08 12:27:17.0 +0100 +++ /work/SRC/openSUSE:Factory/.wget.new/wget.changes 2012-03-22 13:47:15.0 +0100 @@ -1,0 +2,7 @@ +Wed Mar 21 19:44:53 UTC 2012 - dims...@opensuse.org + +- Adjust wget-libproxy.patch: give debug output only when + opt.debug is set to non-zero values, so when -d is specified. + Fix bnc#753242. + +--- Other differences: -- ++ wget.spec ++ --- /var/tmp/diff_new_pack.7G2fGd/_old 2012-03-22 13:47:17.0 +0100 +++ /var/tmp/diff_new_pack.7G2fGd/_new 2012-03-22 13:47:17.0 +0100 @@ -1,7 +1,7 @@ # # spec file for package wget # -# Copyright (c) 2011 SUSE LINUX Products GmbH, Nuernberg, Germany. +# Copyright (c) 2012 SUSE LINUX Products GmbH, Nuernberg, Germany. # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed @@ -15,13 +15,14 @@ # Please submit bugfixes or comments via http://bugs.opensuse.org/ # + Name: wget Version:1.13.4 Release:0 -License:GPL-3.0+ Summary:A Tool for Mirroring FTP and HTTP Servers -Url:http://www.gnu.org/software/wget/ +License:GPL-3.0+ Group: Productivity/Networking/Web/Utilities +Url:http://www.gnu.org/software/wget/ Source: %name-%version.tar.bz2 # PATCH-MISSING-TAG -- See http://wiki.opensuse.org/Packaging/Patches Patch0: wgetrc.patch @@ -32,10 +33,10 @@ %if 0%{suse_version} 1110 BuildRequires: libproxy-devel %endif -BuildRequires: openssl-devel BuildRequires: automake -BuildRequires: pkg-config BuildRequires: libidn-devel +BuildRequires: openssl-devel +BuildRequires: pkg-config PreReq: %install_info_prereq BuildRoot: %{_tmppath}/%{name}-%{version}-build ++ wget-libproxy.patch ++ --- /var/tmp/diff_new_pack.7G2fGd/_old 2012-03-22 13:47:17.0 +0100 +++ /var/tmp/diff_new_pack.7G2fGd/_new 2012-03-22 13:47:17.0 +0100 @@ -62,23 +62,23 @@ + pxProxyFactory *pf = px_proxy_factory_new(); +if (!pf) +{ -+ logprintf (LOG_VERBOSE, _(Allocating memory for libproxy failed)); ++ debug_logprintf (_(Allocating memory for libproxy failed)); + return NULL; +} + int i; + char direct[] = direct://; + -+ logprintf (LOG_VERBOSE, _(asking libproxy about url '%s'\n), u-url); ++ debug_logprintf (_(asking libproxy about url '%s'\n), u-url); + char **proxies = px_proxy_factory_get_proxies(pf, u-url); + if (proxies[0]) + { + char *check = NULL; + asprintf(check , %s, proxies[0]); -+ logprintf (LOG_VERBOSE, _(libproxy suggest to use '%s'\n), check); ++ debug_logprintf (_(libproxy suggest to use '%s'\n), check); + if(strcmp(check ,direct) != 0) + { + asprintf(proxy , %s, proxies[0]); -+ logprintf (LOG_VERBOSE, _(case 2: libproxy setting to use '%s'\n), proxy); ++ debug_logprintf (_(case 2: libproxy setting to use '%s'\n), proxy); + } + } + for(i=0;proxies[i];i++) free(proxies[i]); -- To unsubscribe, e-mail: opensuse-commit+unsubscr...@opensuse.org For additional commands, e-mail: opensuse-commit+h...@opensuse.org
commit wget for openSUSE:Factory
Hello community, here is the log from the commit of package wget for openSUSE:Factory checked in at 2011-12-08 12:26:51 Comparing /work/SRC/openSUSE:Factory/wget (Old) and /work/SRC/openSUSE:Factory/.wget.new (New) Package is wget, Maintainer is m...@suse.com Changes: --- /work/SRC/openSUSE:Factory/wget/wget.changes2011-10-20 14:13:12.0 +0200 +++ /work/SRC/openSUSE:Factory/.wget.new/wget.changes 2011-12-08 12:27:17.0 +0100 @@ -1,0 +2,5 @@ +Fri Dec 2 15:59:32 UTC 2011 - co...@suse.com + +- add automake as buildrequire to avoid implicit dependency + +--- Other differences: -- ++ wget.spec ++ --- /var/tmp/diff_new_pack.RSS5V6/_old 2011-12-08 12:27:26.0 +0100 +++ /var/tmp/diff_new_pack.RSS5V6/_new 2011-12-08 12:27:26.0 +0100 @@ -15,12 +15,10 @@ # Please submit bugfixes or comments via http://bugs.opensuse.org/ # - - Name: wget Version:1.13.4 -Release:5 -License:GPLv3+ +Release:0 +License:GPL-3.0+ Summary:A Tool for Mirroring FTP and HTTP Servers Url:http://www.gnu.org/software/wget/ Group: Productivity/Networking/Web/Utilities @@ -35,9 +33,8 @@ BuildRequires: libproxy-devel %endif BuildRequires: openssl-devel -%if 0%{suse_version} 0910 +BuildRequires: automake BuildRequires: pkg-config -%endif BuildRequires: libidn-devel PreReq: %install_info_prereq BuildRoot: %{_tmppath}/%{name}-%{version}-build -- To unsubscribe, e-mail: opensuse-commit+unsubscr...@opensuse.org For additional commands, e-mail: opensuse-commit+h...@opensuse.org
commit wget for openSUSE:Factory
Hello community, here is the log from the commit of package wget for openSUSE:Factory checked in at Sun Oct 16 13:01:46 CEST 2011. --- openSUSE:Factory/wget/wget.changes 2011-09-23 12:50:33.0 +0200 +++ /mounts/work_src_done/STABLE/wget/wget.changes 2011-10-15 20:21:27.0 +0200 @@ -1,0 +2,15 @@ +Sat Oct 15 18:19:59 UTC 2011 - crrodrig...@opensuse.org + +- fix typo in sni patch , in the IPV6 case should be + is_valid_ipv6_address() instead of is_valid_ipv4_address() +- Add comment to the patch referencing upstream tracker. + +--- +Fri Oct 14 05:01:53 UTC 2011 - crrodrig...@opensuse.org + +- Update nosslv2 patch with the version in upstream +- Wget now supports SNI (server name indication), patch + based on a 2 year old fix submitted to upstream list + that somehow fell through the cracks. + +--- calling whatdependson for head-i586 New: wget-sni.patch Other differences: -- ++ wget.spec ++ --- /var/tmp/diff_new_pack.5uqKhi/_old 2011-10-16 13:01:42.0 +0200 +++ /var/tmp/diff_new_pack.5uqKhi/_new 2011-10-16 13:01:42.0 +0200 @@ -30,6 +30,7 @@ # PATCH-FEATURE-UPSTREAM wget-libproxy.patch dims...@opensuse.org -- Add libproxy support to wget Patch1: wget-libproxy.patch Patch2: wget-1.12-nosslv2.patch +Patch3: wget-sni.patch BuildRequires: libpng-devel BuildRequires: libproxy-devel BuildRequires: openssl-devel @@ -47,6 +48,7 @@ %patch0 %patch1 -p1 %patch2 +%patch3 %build ./autogen.sh ++ wget-1.12-nosslv2.patch ++ --- /var/tmp/diff_new_pack.5uqKhi/_old 2011-10-16 13:01:42.0 +0200 +++ /var/tmp/diff_new_pack.5uqKhi/_new 2011-10-16 13:01:42.0 +0200 @@ -1,36 +1,7 @@ src/init.c.orig -+++ src/init.c -@@ -1331,7 +1331,9 @@ cmd_spec_secure_protocol (const char *co - { - static const struct decode_item choices[] = { - { auto, secure_protocol_auto }, -+#ifndef OPENSSL_NO_SSL2 - { sslv2, secure_protocol_sslv2 }, -+#endif - { sslv3, secure_protocol_sslv3 }, - { tlsv1, secure_protocol_tlsv1 }, - }; src/openssl.c.orig -+++ src/openssl.c -@@ -42,6 +42,7 @@ as that of the covered work. */ - #include openssl/x509.h - #include openssl/err.h - #include openssl/rand.h -+#include openssl/engine.h - - #include utils.h - #include connect.h -@@ -178,15 +179,21 @@ ssl_init () - SSL_load_error_strings (); - SSLeay_add_all_algorithms (); - SSLeay_add_ssl_algorithms (); -+/* Load all bundled ENGINEs into memory and make them visible */ -+ ENGINE_load_builtin_engines(); -+/* Register all of them for every algorithm they collectively implement */ -+ ENGINE_register_all_complete(); - - switch (opt.secure_protocol) - { +=== modified file 'src/openssl.c' +--- src/openssl.c 2011-04-04 14:56:51 + src/openssl.c 2011-04-11 09:08:39 + +@@ -186,9 +186,11 @@ case secure_protocol_auto: meth = SSLv23_client_method (); break; @@ -42,26 +13,4 @@ case secure_protocol_sslv3: meth = SSLv3_client_method (); break; src/options.h.orig -+++ src/options.h -@@ -171,7 +171,9 @@ struct options - #ifdef HAVE_SSL - enum { - secure_protocol_auto, -+#ifndef OPENSSL_NO_SSL2 - secure_protocol_sslv2, -+#endif - secure_protocol_sslv3, - secure_protocol_tlsv1 - } secure_protocol; /* type of secure protocol to use. */ src/iri.c.orig -+++ src/iri.c -@@ -114,7 +114,7 @@ check_encoding_name (char *encoding) - static bool - open_locale_to_utf8 (void) - { -- -+return true; - } - - /* Try converting string str from locale to UTF-8. Return a new string + ++ wget-sni.patch ++ https://savannah.gnu.org/bugs/?func=detailitemitem_id=26786 === modified file 'src/host.c' --- src/host.c.orig +++ src/host.c @@ -904,3 +904,19 @@ host_cleanup (void) host_name_addresses_map = NULL; } } + +/* Determine whether or not a hostname is an IP address that we recognise. */ +bool +is_ip_address (const char *name) +{ + const char *endp; + + endp = name + strlen(name); + if (is_valid_ipv4_address(name, endp)) +return true; +#ifdef ENABLE_IPV6 + if (is_valid_ipv6_address(name, endp)) +return true; +#endif + return false; +} --- src/host.h.orig +++ src/host.h @@ -101,5 +101,5 @@ bool accept_domain (struct url *); bool sufmatch (const char **, const char *); void host_cleanup (void); - +bool is_ip_address(const char *); #endif /* HOST_H */ --- src/http.c.orig +++ src/http.c @@ -1762,7 +1762,7 @@ gethttp (struct url *u, struct http_stat if (conn-scheme == SCHEME_HTTPS) { - if (!ssl_connect_wget (sock)) + if (!ssl_connect_wget (sock, u-host)) { fd_close (sock); return CONSSLERR; ---