Hello community, here is the log from the commit of package wget for openSUSE:Factory checked in at 2019-01-03 18:03:11 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/wget (Old) and /work/SRC/openSUSE:Factory/.wget.new.28833 (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "wget" Thu Jan 3 18:03:11 2019 rev:55 rq:661870 version:1.20.1 Changes: -------- --- /work/SRC/openSUSE:Factory/wget/wget.changes 2018-12-10 12:25:18.958708055 +0100 +++ /work/SRC/openSUSE:Factory/.wget.new.28833/wget.changes 2019-01-03 18:03:13.484321944 +0100 @@ -1,0 +2,12 @@ +Fri Dec 28 20:51:04 UTC 2018 - [email protected] + +- GNU wget 1.20.1: + * --xattr is no longer default since it introduces privacy issues + * --xattr saves the Referer as scheme/host/port, + user/pw/path/query/fragment are no longer saved to prevent + privacy issues + * --xattr saves the Original URL without user/password to prevent + privacy issues + * all of the above fix CVE-2018-20483 (bsc#1120382) + +------------------------------------------------------------------- Old: ---- wget-1.20.tar.gz wget-1.20.tar.gz.sig New: ---- wget-1.20.1.tar.gz wget-1.20.1.tar.gz.sig ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ wget.spec ++++++ --- /var/tmp/diff_new_pack.eerVSy/_old 2019-01-03 18:03:14.056321435 +0100 +++ /var/tmp/diff_new_pack.eerVSy/_new 2019-01-03 18:03:14.060321432 +0100 @@ -12,18 +12,18 @@ # license that conforms to the Open Source Definition (Version 1.9) # published by the Open Source Initiative. -# Please submit bugfixes or comments via http://bugs.opensuse.org/ +# Please submit bugfixes or comments via https://bugs.opensuse.org/ # %bcond_with regression_tests Name: wget -Version: 1.20 +Version: 1.20.1 Release: 0 Summary: A Tool for Mirroring FTP and HTTP Servers -License: GPL-3.0+ +License: GPL-3.0-or-later Group: Productivity/Networking/Web/Utilities -Url: https://www.gnu.org/software/wget/ +URL: https://www.gnu.org/software/wget/ Source: https://ftp.gnu.org/gnu/wget/%{name}-%{version}.tar.gz Source1: https://ftp.gnu.org/gnu/wget/%{name}-%{version}.tar.gz.sig Source2: https://savannah.gnu.org/project/memberlist-gpgkeys.php?group=wget&download=1#/wget.keyring @@ -105,7 +105,8 @@ %install_info_delete --info-dir=%{_infodir} %{_infodir}/%{name}.info.gz %files -f %{name}.lang -%doc AUTHORS COPYING NEWS README MAILING-LIST +%license COPYING +%doc AUTHORS NEWS README MAILING-LIST %doc doc/sample.wgetrc util/rmold.pl %{_mandir}/*/wget* %{_infodir}/wget* ++++++ wget-1.20.tar.gz -> wget-1.20.1.tar.gz ++++++ ++++ 7889 lines of diff (skipped) ++++++ wget.keyring ++++++ ++++ 2200 lines (skipped) ++++ between wget.keyring ++++ and /work/SRC/openSUSE:Factory/.wget.new.28833/wget.keyring
