[pkgsrc/trunk]: pkgsrc/net/wget Update to 1.19.1

To: pkgsrc-changes-hg%NetBSD.org@localhost
Subject: [pkgsrc/trunk]: pkgsrc/net/wget Update to 1.19.1
From: ryoon <ryoon%pkgsrc.org@localhost>
Date: Wed, 15 Jan 2020 06:44:39 +0000

details:   https://anonhg.NetBSD.org/pkgsrc/rev/66170b8da760
branches:  trunk
changeset: 358795:66170b8da760
user:      ryoon <ryoon%pkgsrc.org@localhost>
date:      Mon Feb 20 12:25:48 2017 +0000

description:
Update to 1.19.1

Changelog:
* Changes in Wget 1.19.1

* Fix bugs, a regression, portability/build issues

* Add new option --retry-on-http-error


* Changes in Wget 1.19

* New option --use-askpass=COMMAND. Fetch user/password by calling
  an external program.

* Use IDNA2008 (+ TR46 if available) through libidn2

* When processing a Metalink header, --metalink-index=<number> allows
  to process the header's application/metalink4+xml files.

* When processing a Metalink file, --trust-server-names enables the
  use of the destination file names specified in the Metalink file,
  otherwise a safe destination file name is computed.

* When processing a Metalink file, enforce a safe destination path.
  Remove any drive letter prefix under w32, i.e. 'C:D:file'.  Call
  libmetalink's metalink_check_safe_path() to prevent absolute,
  relative, or home paths:
  https://tools.ietf.org/html/rfc5854#section-4.1.2.1
  https://tools.ietf.org/html/rfc5854#section-4.2.8.3

* When processing a Metalink file, --directory-prefix=<prefix> sets
  the top of the retrieval tree to prefix for Metalink downloads.

* When processing a Metalink file, reject downloaded files which don't
  agree with their own metalink:size value:
  https://tools.ietf.org/html/rfc5854#section-4.2.16

* When processing a Metalink file, with --continue resume partially
  downloaded files and keep fully downloaded files even if they fail
  the verification.

* When processing a Metalink file, create the parent directories of a
  "path/file" destination file name:
  https://tools.ietf.org/html/rfc5854#section-4.1.2.1
  https://tools.ietf.org/html/rfc5854#section-4.2.8.3

* On a recursive download, append a .tmp suffix to temporary files
  that will be deleted after being parsed, and create them
  readable/writable only by the owner.

* New make target 'check-valgrind'

* Fix several bugs

* Fix compatibility issues

diffstat:

 net/wget/Makefile                    |   5 +-
 net/wget/distinfo                    |  12 +++----
 net/wget/patches/patch-CVE-2016-7098 |  56 ------------------------------------
 net/wget/patches/patch-configure     |  15 ---------
 4 files changed, 7 insertions(+), 81 deletions(-)

diffs (110 lines):

diff -r b276c22b2d9e -r 66170b8da760 net/wget/Makefile
--- a/net/wget/Makefile Mon Feb 20 12:23:48 2017 +0000
+++ b/net/wget/Makefile Mon Feb 20 12:25:48 2017 +0000
@@ -1,7 +1,6 @@
-# $NetBSD: Makefile,v 1.133 2016/10/30 20:55:39 spz Exp $
+# $NetBSD: Makefile,v 1.134 2017/02/20 12:25:48 ryoon Exp $
 
-DISTNAME=      wget-1.18
-PKGREVISION=   3
+DISTNAME=      wget-1.19.1
 CATEGORIES=    net
 MASTER_SITES=  ${MASTER_SITE_GNU:=wget/}
 EXTRACT_SUFX=  .tar.xz
diff -r b276c22b2d9e -r 66170b8da760 net/wget/distinfo
--- a/net/wget/distinfo Mon Feb 20 12:23:48 2017 +0000
+++ b/net/wget/distinfo Mon Feb 20 12:25:48 2017 +0000
@@ -1,9 +1,7 @@
-$NetBSD: distinfo,v 1.52 2016/10/30 20:55:39 spz Exp $
+$NetBSD: distinfo,v 1.53 2017/02/20 12:25:48 ryoon Exp $
 
-SHA1 (wget-1.18.tar.xz) = 02d451e658f600ee519c42cbf4d3bfe4e49b6c4f
-RMD160 (wget-1.18.tar.xz) = 4fdf9c523b434050eeccfbd14b98c90c591d7ce4
-SHA512 (wget-1.18.tar.xz) = a3f6fe2f44a8d797659d55cffaf81eb82b770c96222a0ee29bc4931b13846f8d8b9a07806f2197723c873a1248922d59cca5a81869661d9c6c3107447c184338
-Size (wget-1.18.tar.xz) = 1922376 bytes
-SHA1 (patch-CVE-2016-7098) = fa6c96a24590c191440ae91f76e5c10e8db84d4b
-SHA1 (patch-configure) = 4d65f3e3c4d60174442aa1b75b64b7511bbc6497
+SHA1 (wget-1.19.1.tar.xz) = cde25e99c144191644406793cbd1c69c102c6970
+RMD160 (wget-1.19.1.tar.xz) = 158d759b81c0893cc9c83e4beabb104f4987f6dd
+SHA512 (wget-1.19.1.tar.xz) = 00864d225439bcb7c5af01d7ef19efa615427812d3320ab3f4c8f62c38191e837b1392397843f935d7dc5860a4d0ce89ee31f2730c4a729402f1f2bf3e5f64e5
+Size (wget-1.19.1.tar.xz) = 2111756 bytes
 SHA1 (patch-doc_wget.texi) = 6db25b3500ff4617b5ade34d9013b1f9876104f8
diff -r b276c22b2d9e -r 66170b8da760 net/wget/patches/patch-CVE-2016-7098
--- a/net/wget/patches/patch-CVE-2016-7098      Mon Feb 20 12:23:48 2017 +0000
+++ /dev/null   Thu Jan 01 00:00:00 1970 +0000
@@ -1,56 +0,0 @@
-patch for CVE-2016-7098 from
-http://git.savannah.gnu.org/cgit/wget.git/commit/?id=9ffb64ba6a8121909b01e984deddce8d096c498d
-http://git.savannah.gnu.org/cgit/wget.git/commit/?id=690c47e3b18c099843cdf557a0425d701fca4957
-(only the compilable parts)
-
---- src/http.c.orig    2016-06-09 16:10:14.000000000 +0000
-+++ src/http.c 2016-10-27 20:02:46.000000000 +0000
-@@ -39,6 +39,7 @@ as that of the covered work.  */
- #include <errno.h>
- #include <time.h>
- #include <locale.h>
-+#include <fcntl.h>
- 
- #include "hash.h"
- #include "http.h"
-@@ -1564,6 +1565,7 @@ struct http_stat
- #ifdef HAVE_METALINK
-   metalink_t *metalink;
- #endif
-+  bool temporary;               /* downloading a temporary file */
- };
- 
- static void
-@@ -2254,6 +2256,15 @@ check_file_output (struct url *u, struct
-       xfree (local_file);
-     }
- 
-+  hs->temporary = opt.delete_after || opt.spider || !acceptable (hs->local_file);
-+  if (hs->temporary)
-+    {
-+      char *tmp = NULL;
-+      asprintf (&tmp, "%s.tmp", hs->local_file);
-+      xfree (hs->local_file);
-+      hs->local_file = tmp;
-+    }
-+
-   /* TODO: perform this check only once. */
-   if (!hs->existence_checked && file_exists_p (hs->local_file))
-     {
-@@ -2467,7 +2478,15 @@ open_output_stream (struct http_stat *hs
-           open_id = 22;
-           *fp = fopen (hs->local_file, "wb", FOPEN_OPT_ARGS);
- #else /* def __VMS */
--          *fp = fopen (hs->local_file, "wb");
-+          if (hs->temporary)
-+            {
-+              *fp = fdopen (open (hs->local_file, O_BINARY | O_CREAT | O_TRUNC | O_WRONLY, S_IRUSR | S_IWUSR), "wb");
-+            }
-+          else
-+            {
-+              *fp = fopen (hs->local_file, "wb");
-+            }
-+
- #endif /* def __VMS [else] */
-         }
-       else
diff -r b276c22b2d9e -r 66170b8da760 net/wget/patches/patch-configure
--- a/net/wget/patches/patch-configure  Mon Feb 20 12:23:48 2017 +0000
+++ /dev/null   Thu Jan 01 00:00:00 1970 +0000
@@ -1,15 +0,0 @@
-$NetBSD: patch-configure,v 1.1 2016/06/11 18:33:22 wiz Exp $
-
-Fix unportable test(1) operator.
-
---- configure.orig     2016-06-09 16:12:51.000000000 +0000
-+++ configure
-@@ -40378,7 +40378,7 @@ fi
- fi
- 
- 
--if test "X$with_cares" == "Xyes"; then :
-+if test "X$with_cares" = "Xyes"; then :
- 
- 
- pkg_failed=no

Prev by Date: [pkgsrc/trunk]: pkgsrc/pkgtools/pkg_comp Hardcode the location of sandboxctl ...
Next by Date: [pkgsrc/trunk]: pkgsrc/doc Updated net/wget to 1.19.1
Previous by Thread: [pkgsrc/trunk]: pkgsrc/pkgtools/pkg_comp Hardcode the location of sandboxctl ...
Next by Thread: [pkgsrc/trunk]: pkgsrc/doc Updated net/wget to 1.19.1
Indexes:

Home | Main Index | Thread Index | Old Index