./net/wget, Retrieve files from the net via HTTP and FTP

[ CVSweb ] [ Homepage ] [ RSS ] [ Required by ] [ Add to tracker ]


Branch: CURRENT, Version: 1.20.3, Package name: wget-1.20.3, Maintainer: pkgsrc-users

Wget [formerly known as Geturl] is a freely available network utility
to retrieve files from the World Wide Web using HTTP and FTP, the two
most widely used Internet protocols. It works non-interactively, thus
enabling work in the background, after having logged off.

The recursive retrieval of HTML pages, as well as FTP sites is
supported -- you can use Wget to make mirrors of archives and home
pages, or traverse the web like a WWW robot (Wget understands
/robots.txt).


Required to run:
[devel/libidn2] [www/libpsl]

Required to build:
[pkgtools/cwrappers]

Package options: idn, inet6, openssl, psl

Master sites: (Expand)

SHA1: 021929778956b7d71cf5c4fd98b4c719b293088d
RMD160: 799ac821c7ffde9d2cb3007a6ce4114a66181ce6
Filesize: 2085.227 KB

Version history: (Expand)


CVS history: (Expand)


   2019-04-07 11:02:00 by David H. Gutteridge | Files touched by this commit (2) | Package updated
Log message:
Update wget to 1.20.3, which fixes CVE-2019-5953

It appears that the buffer overflow issue referred to is the same in
both 1.20.2 and 1.20.3 (they had to fix the fix).

Upstream changelog:
* Changes in Wget 1.20.3

** Fixed a buffer overflow vulnerability

* Changes in Wget 1.20.2

** NTLM authentication will retry under certain cases

** Fixed a buffer overflow vulnerability
   2019-04-03 02:33:20 by Ryo ONODERA | Files touched by this commit (748)
Log message:
Recursive revbump from textproc/icu
   2019-02-10 20:49:58 by S.P.Zeidler | Files touched by this commit (2)
Log message:
updating wget to 1.20.1, which fixes CVE-2018-20483

Upstream changelog:
   * Changes in Wget 1.20.1

   ** --xattr is no longer default since it introduces privacy issues.

   ** --xattr saves the Referer as scheme/host/port, user/pw/path/query/fragment
      are no longer saved to prevent privacy issues.

   ** --xattr saves the Original URL without user/password to prevent
      privacy issues.

   * Changes in Wget 1.20

   ** Add new option `--retry-on-host-error` to treat local errors as
      transient and hence Wget will retry to download the file after
      a brief waiting period.

   ** Fixed multiple potential resource leaks as found by static analysis

   ** Wget will now not create an empty wget-log file when running with
      -q and -b switches together

   ** When compiled using the GnuTLS >= 3.6.3, Wget now has support for TLSv1.3

   ** Now there is support for using libpcre2 for regex pattern matching

   ** When downloading over FTP recursively, one can now use the
      --{accept,reject}-regex switches to fine-tune the downloaded files

   ** Building Wget from the git sources now requires autoconf 2.63 or above.
      Building from the Tarballs works as it used to.
   2018-12-09 19:52:52 by Adam Ciarcinski | Files touched by this commit (724)
Log message:
revbump after updating textproc/icu
   2018-11-04 17:34:57 by Benny Siegert | Files touched by this commit (2)
Log message:
Enable the psl option by default for wget.

Enabling the PSL is a good thing for security and privacy, as it protects
against all sorts of cookie shenanigans.

Bump revision.
   2018-08-22 11:48:07 by Thomas Klausner | Files touched by this commit (3558)
Log message:
Recursive bump for perl5-5.28.0
   2018-07-28 14:29:20 by Benny Siegert | Files touched by this commit (1)
Log message:
Add a "psl" option (off by default) to build wget with PSL.

This improves privacy by restricting cookies to a well-known list of
public suffixes.

We can consider turning that option on by default in the future.

Fixes PR pkg/53459.
   2018-05-07 08:48:39 by Thomas Klausner | Files touched by this commit (2) | Package updated
Log message:
wget: update to 1.19.5.

* Changes in Wget 1.19.5

* Fix cookie injection (CVE-2018-0494)

* Enable TLS1.3 with recent OpenSSL environment

* New option --ciphers to set GnuTLS / OpenSSL ciphers directly

* Updated CSS grammar to CSS 2.2

* Fixed several memleaks found by OSS-Fuzz

* Fixed several buffer overflows found by OSS-Fuzz

* Fixed several integer overflows found by OSS-Fuzz

* Several minor bug fixes

* Changes in Wget 1.19.4

* A major bug that caused GZip'ed pages to never be decompressed has been fixed

* Support for Content-Encoding and Transfer-Encoding have been marked as
  experimental and disabled by default

* Changes in Wget 1.19.3

* Prevent erroneous decompression of .gz and .tgz files with broken servers

* Added support for HTTP 308 Permanent Redirect response

* Fix a segfault in some cases where the Content-Type header is not sent

* Support OpenSSL 1.1 builds without using deprecated features

* Fix netrc file detection on Windows

* Several minor bug fixes