Navigation:
Browse pkgsrc
(this page)| 2018-11-04 17:34:57 by Benny Siegert | Files touched by this commit (2) |
Log message: Enable the psl option by default for wget. Enabling the PSL is a good thing for security and privacy, as it protects against all sorts of cookie shenanigans. Bump revision. |
| 2018-08-22 11:48:07 by Thomas Klausner | Files touched by this commit (3558) |
Log message: Recursive bump for perl5-5.28.0 |
| 2018-07-28 14:29:20 by Benny Siegert | Files touched by this commit (1) |
Log message: Add a "psl" option (off by default) to build wget with PSL. This improves privacy by restricting cookies to a well-known list of public suffixes. We can consider turning that option on by default in the future. Fixes PR pkg/53459. |
2018-05-07 08:48:39 by Thomas Klausner | Files touched by this commit (2) |  |
Log message: wget: update to 1.19.5. * Changes in Wget 1.19.5 * Fix cookie injection (CVE-2018-0494) * Enable TLS1.3 with recent OpenSSL environment * New option --ciphers to set GnuTLS / OpenSSL ciphers directly * Updated CSS grammar to CSS 2.2 * Fixed several memleaks found by OSS-Fuzz * Fixed several buffer overflows found by OSS-Fuzz * Fixed several integer overflows found by OSS-Fuzz * Several minor bug fixes * Changes in Wget 1.19.4 * A major bug that caused GZip'ed pages to never be decompressed has been fixed * Support for Content-Encoding and Transfer-Encoding have been marked as experimental and disabled by default * Changes in Wget 1.19.3 * Prevent erroneous decompression of .gz and .tgz files with broken servers * Added support for HTTP 308 Permanent Redirect response * Fix a segfault in some cases where the Content-Type header is not sent * Support OpenSSL 1.1 builds without using deprecated features * Fix netrc file detection on Windows * Several minor bug fixes |
| 2018-04-18 00:29:53 by Thomas Klausner | Files touched by this commit (286) |
Log message: Add p11-kit to gnutls/bl3.mk and bump dependencies. |
| 2017-11-23 17:03:29 by Thomas Klausner | Files touched by this commit (4) | |
Log message: wget: update to 1.19.2. * Changes in Wget 1.19.2 * Fix CVE-2017-13089 (Stack overflow in HTTP protocol handling) * Fix CVE-2017-13090 (Heap overflow in HTTP protocol handling) * New option --compression for gzip Content-Encoding * New option --[no]-netrc to control .netrc parsing * Added GNU extensions to .netrc parsing * Improved IDNA 2003 compatibility * Fix VPATH issues * Improved and extended the test suite * Support Wayback Machine's X-Archive-Orig-last-modified * Several bug fixes |
| 2017-11-14 10:51:13 by Leonardo Taccari | Files touched by this commit (2) |
Log message: wget: Use devel/libidn2 and adjust `idn' option logic in options.mk Since wget-1.19, libidn2 is needed for the IDN/IRIs support. Adjust the `idn' package option logic to reflect that and explicitly ask for it via CONFIGURE_ARGS. This should also fix the build without the `idn' option selected pointed out by john heasley via PR pkg/52726. Bump PKGREVISION |
| 2017-10-26 17:01:39 by Tim Zingelman | Files touched by this commit (4) |
Log message: wget: patches for VE-2017-13089 and CVE-2017-13090 |
| 2017-05-15 07:10:09 by Kimmo Suominen | Files touched by this commit (2) |
Log message: Add a patch for CVE-2017-6508 from upstream. |
| 2017-02-20 13:25:48 by Ryo ONODERA | Files touched by this commit (4) |
Log message: Update to 1.19.1 Changelog: * Changes in Wget 1.19.1 * Fix bugs, a regression, portability/build issues * Add new option --retry-on-http-error * Changes in Wget 1.19 * New option --use-askpass=COMMAND. Fetch user/password by calling an external program. * Use IDNA2008 (+ TR46 if available) through libidn2 * When processing a Metalink header, --metalink-index=<number> allows to process the header's application/metalink4+xml files. * When processing a Metalink file, --trust-server-names enables the use of the destination file names specified in the Metalink file, otherwise a safe destination file name is computed. * When processing a Metalink file, enforce a safe destination path. Remove any drive letter prefix under w32, i.e. 'C:D:file'. Call libmetalink's metalink_check_safe_path() to prevent absolute, relative, or home paths: https://tools.ietf.org/html/rfc5854#section-4.1.2.1 https://tools.ietf.org/html/rfc5854#section-4.2.8.3 * When processing a Metalink file, --directory-prefix=<prefix> sets the top of the retrieval tree to prefix for Metalink downloads. * When processing a Metalink file, reject downloaded files which don't agree with their own metalink:size value: https://tools.ietf.org/html/rfc5854#section-4.2.16 * When processing a Metalink file, with --continue resume partially downloaded files and keep fully downloaded files even if they fail the verification. * When processing a Metalink file, create the parent directories of a "path/file" destination file name: https://tools.ietf.org/html/rfc5854#section-4.1.2.1 https://tools.ietf.org/html/rfc5854#section-4.2.8.3 * On a recursive download, append a .tmp suffix to temporary files that will be deleted after being parsed, and create them readable/writable only by the owner. * New make target 'check-valgrind' * Fix several bugs * Fix compatibility issues |
New packages: