source: projects/specs/branches/6/w/wget/wget-vl.spec @ 11215

Revision 11215, 8.7 KB checked in by iwamoto, 7 years ago (diff)

wget: fix CVE-2017-13089 CVE-2017-13090
Line 
1Summary: A utility for retrieving files using the HTTP or FTP protocols.
2Summary(ja): HTTP/FTP プロトコルによるファイル取得ユーティリティ
3Name: wget
4Version: 1.18
5Release: 3%{?_dist_release}
6License: GPL
7Group: Applications/Internet
8# Source0: ftp://ftp.gnu.org/gnu/%{name}/%{name}-%{version}.tar.bz2
9Source0: http://ftp.gnu.org/gnu/%{name}/%{name}-%{version}.tar.xz
10Patch0:  wget-1.17.1-path.patch
11
12## Vine Patch(es)
13Patch110: wget-1.18_disable_sslv2.patch
14# Security Fix
15Patch120: wget-CVE-2017-13089.patch
16Patch130: wget-CVE-2017-13090.patch
17
18Provides: webclient
19Requires(pre): install-info
20BuildRoot: %{_tmppath}/%{name}-%{version}-root
21%if %{_dist_release} > "vl6"
22BuildRequires: openssl-devel, libuuid-devel, zlib-devel
23BuildRequires: texinfo
24%else
25BuildRequires: openssl-devel, zlib-devel
26BuildRequires: texinfo
27%endif
28%{?nosrc:NoSource: 0}
29
30Vendor: Project Vine
31Distribution: Vine Linux
32
33%description
34GNU Wget is a file retrieval utility which can use either the HTTP or
35FTP protocols.  Wget features include the ability to work in the
36background while you're logged out, recursive retrieval of
37directories, file name wildcard matching, remote file timestamp
38storage and comparison, use of Rest with FTP servers and Range with
39HTTP servers to retrieve files over slow or unstable connections,
40support for Proxy servers, and configurability.
41
42Install wget if you need to retrieve large numbers of files with HTTP or
43FTP, or if you need a utility for mirroring web sites or FTP directories.
44
45#'
46%description -l ja
47GNU wget は HTTP や FTP プロトコルを使用してファイルを取得するユーティリ
48ティです。wget には次のような特徴があります。
49
50 - ログアウトしている間にバックグラウンドで実行可能
51 - ディレクトリの再帰的取得
52 - ファイル名のワイルドカードマッチング
53 - ファイルのタイムスタンプの保存と比較
54 - FTP サーバの Rest、HTTP サーバの Range を使用したダウンロードの再開
55 - プロキシサーバへの対応
56 - 設定の容易さ
57
58もし HTTP か FTP で大量のファイルを取得する必要があったり、Web サイトや
59FTP ディレクトリをミラーするユーティリティが必要なら wget をインストール
60してください。
61
62%prep
63%setup -q
64
65%patch0 -p1 -b .path
66
67## Vine Patch(es)
68%patch110 -p1 -b .ssl2
69# Security Fix
70%patch120 -p1 -b .CVE-2017-13089
71%patch130 -p1 -b .CVE-2017-13090
72
73perl -pi -e "s/^PACKAGE_STRING=.+$/PACKAGE_STRING='wget %{version} (Vine)'/" configure
74
75%build
76CFLAGS="$RPM_OPT_FLAGS -DOPENSSL_NO_SSL2"; export CFLAGS
77%configure --with-ssl=openssl
78%__make %{?_smp_mflags}
79pushd po
80msgfmt -o ja.gmo ja.po
81popd
82
83%install
84%__rm -rf $RPM_BUILD_ROOT
85%makeinstall
86%find_lang %{name}
87
88%post
89/sbin/install-info %{_infodir}/%{name}.info %{_infodir}/dir
90
91%preun
92if [ "$1" = 0 ]; then
93        /sbin/install-info --delete %{_infodir}/%{name}.info %{_infodir}/dir
94fi
95
96%clean
97%__rm -rf $RPM_BUILD_ROOT
98
99%files -f %{name}.lang
100%defattr(-,root,root)
101%{!?_licensedir:%global license %%doc}
102%license COPYING
103%doc AUTHORS MAILING-LIST NEWS README INSTALL
104%config %{_sysconfdir}/wgetrc
105%{_bindir}/wget
106%{_infodir}/wget.info*
107%{_mandir}/man1/wget.1*
108
109%changelog
110* Sun Oct 29 2017 Satoshi IWAMOTO <satoshi.iwamoto@nifty.ne.jp> 1.18-3
111- add Patch120 for fix CVE-2017-13089
112- add Patch130 for fix CVE-2017-13090
113
114* Thu Jul 21 2016 Tomohiro "Tomo-p" KATO <tomop@teamgedoh.net> 1.18-2
115- fixed BR:.
116
117* Tue Jul  5 2016 Tomohiro "Tomo-p" KATO <tomop@teamgedoh.net> 1.18-1
118- new upstream release.
119- dropped Patch100: added the same effect without patch.
120- updated Patch110.
121
122* Thu Mar 10 2016 Satoshi IWAMOTO <satoshi.iwamoto@nifty.ne.jp> 1.17.1-1
123- new upstream release
124- disable sslv2 connection
125- rebuild with openssl 1.0.2g
126
127* Wed Nov  5 2014 Satoshi IWAMOTO <satoshi.iwamoto@nifty.ne.jp> 1.16-1
128- new upstream release with security fix
129- drop Patch10 (is included in new release)
130- update Patch0
131- add BR: texinfo
132
133* Sat Oct 27 2012 Satoshi IWAMOTO <satoshi.iwamoto@nifty.ne.jp> 1.14-2
134- add BR: if-endif for vine6
135
136* Thu Oct 25 2012 Satoshi IWAMOTO <satoshi.iwamoto@nifty.ne.jp> 1.14-1
137- new upstream release
138- add pacth10,100 from fc19
139- add BR: libuuid-devel
140
141* Mon May  7 2012 Satoshi IWAMOTO <satoshi.iwamoto@nifty.ne.jp> 1.13.4-1
142- new upstream release
143- add patch0 from fc17
144- drop old patches
145- change configure option to use openssl
146- change src format from bz2 to xz
147
148* Tue Jan 11 2011 Yoji TOYODA <bsyamato@sea.plala.or.jp> 1.11.4-3
149- rebuild with openssl-1.0.0c
150
151* Fri Sep 25 2009 Satoshi IWAMOTO <satoshi.iwamoto@nifty.ne.jp> 1.11.4-2
152- patch110 for fix openssl null char issue
153
154* Wed Oct 22 2008 Satoshi IWAMOTO <satoshi.iwamoto@nifty.ne.jp> 1.11.4-1
155- new upstream release
156- SPEC in UTF-8
157
158* Wed Mar 26 2008 Satoshi IWAMOTO <satoshi.iwamoto@nifty.ne.jp> 1.11.1-1
159- new upstream release
160- drop patch100 which is in included in new release
161- build under new versioning policy
162
163* Wed May 30 2007 AKIYAMA Kazuhito <akiyama@yb3.so-net.ne.jp> 1.10.2-0vl3
164- rebuild with openssl-0.9.8
165
166* Thu Jan 12 2006 Satoshi IWAMOTO <satoshi.iwamoto@nifty.ne.jp> 1.10.2-0vl2
167- rebuilt for VineSeed
168- fix changelog typo
169
170* Thu Jan 12 2006 Satoshi IWAMOTO <satoshi.iwamoto@nifty.ne.jp> 1.10.2-0vl1.1
171- add pacth100 for fix CVE-2006-6719 (SYST Unchecked Boundary Condition)
172
173* Wed Oct 19 2005 Satoshi IWAMOTO <satoshi.iwamoto@nifty.ne.jp> 1.10.2-0vl1
174- [SECURITY FIX] upstream release
175  - Stack-based buffer overflow (CAN-2005-3185)
176
177* Thu Jul 07 2005 KAZUKI SHIMURA <kazuki@ma.ccnw.ne.jp> 1.10-0vl1
178- [SECURITY FIX] upstream release
179  - overwrite certain files via a redirection URL (CAN-2004-1487)
180  - execute arbitrary code (CAN-2004-1488)
181  - overwrite arbitrary files via a symlink attack (CAN-2004-2014)
182- %%doc
183  - add COPYING, TODO
184  - drop doc/ChangeLog
185- not compress info at %%install (should be done by %%__install_spec_post)
186- drop obsolete patches
187- update Japanese description
188
189* Wed Mar 31 2004 AKIYAMA Kazuhito <akiyama@yb3.so-net.ne.jp> 1.9.1-0vl1
190- source upgrade
191- build with openssl-0.9.7d
192- Prereq: install-info instead of /sbin/install-info
193- remove all patches
194
195* Sun Dec 15 2002 IWAI Masaharu <iwai@alib.jp> 1.8.1-0vl5
196- rebuild on VineSeed
197
198* Thu Dec 12 2002 IWAI Masaharu <iwai@alib.jp> 1.8.1-0vl4
199- fix directory traversal bug
200    add wget-1.8.2-filename.patch(Patch101) from RedHat updates 1.8.2-4.6x
201
202* Wed Mar 13 2002 MATSUBAYASHI Kohji <shaolin@vinelinux.org> 1.8.1-0vl3
203- revamped Patch10 to fit with 1.8.1 source. But disable it.
204
205* Wed Mar 13 2002 Toru Sagami <sagami@vinelinux.org> 1.8.1-0vl2
206- added patch from current CVS to fix broken recursive download.
207
208* Tue Dec 25 2001 Toru Sagami <sagami@vinelinux.org>
209- 1.8.1
210
211* Mon Dec 10 2001 Toru Sagami <sagami@vinelinux.org>
212- 1.8-0vl0: update to 1.8 with an ad-hoc patch for md5.h
213
214* Thu Nov 22 2001 MATSUBAYASHI Kohji <shaolin@vinelinux.org> 1.7.1-0vl2
215- added ppc patch derived from:
216  http://bugs.debian.org/cgi-bin/bugreport.cgi?archive=no&bug=109348
217
218* Mon Nov 19 2001 Toru Sagami <sagami@vinelinux.org>
219- 1.7.1-0vl1: use ja.po included in source
220
221* Fri Aug 24 2001 Toru Sagami <sagami@vinelinux.org>
222- 1.7-0vl2: configure --with-ssl
223
224* Wed Jun 13 2001 <sagami@vinelinux.org>
225- 1.7-0vl1: update to 1.7 with updated ja.po
226
227* Tue May 29 2001 <sagami@vinelinux.org>
228- 1.6-0vl2: use better macros
229
230* Fri Jan 5 2001 Yoichi Imai <yoichi@silver-forest.com>
231- removed getmore patch, ja.patch, ja.po
232- removed gzip and strip
233- used environment variable of rpm
234- not used symlink patch
235
236* Fri Sep 08 2000 MATSUBAYASHI 'Shaolin' Kohji <shaolin@rhythmaning.org>
237- 1.5.3_jp-6
238- modified %files section to handle compressed man page(s)
239- added Japanese summary
240
241* Wed Jan 26 2000 Norihito Ohmori <nono@vinelinux.org>
242- fix ja.po
243
244* Thu Jan 20 2000 HIROSE, Masaaki <hirose31@t3.rim.or.jp>
245- added getmore.patch. to get files like LINK HREF="XXX".
246
247* Sun Nov 7 1999 Toru Hoshina <t@kondara.org>
248- be a NoSrc :-P
249
250* Sat Sep 18 1999 Norihito Ohmori <ohmori@flatout.org>
251- add ja.po
252- add Japanese Summary and Description
253
254* Thu Aug 26 1999 Jeff Johnson <jbj@redhat.com>
255- don't permit chmod 777 on symlinks (#4725).
256
257* Sun Mar 21 1999 Cristian Gafton <gafton@redhat.com>
258- auto rebuild in the new build environment (release 4)
259
260* Fri Dec 18 1998 Bill Nottingham <notting@redhat.com>
261- build for 6.0 tree
262- add Provides
263
264* Sat Oct 10 1998 Cristian Gafton <gafton@redhat.com>
265- strip binaries
266- version 1.5.3
267
268* Sat Jun 27 1998 Jeff Johnson <jbj@redhat.com>
269- updated to 1.5.2
270
271* Thu Apr 30 1998 Cristian Gafton <gafton@redhat.com>
272- modified group to Applications/Networking
273
274* Wed Apr 22 1998 Cristian Gafton <gafton@redhat.com>
275- upgraded to 1.5.0
276- they removed the man page from the distribution (Duh!) and I added it back
277  from 1.4.5. Hey, removing the man page is DUMB!
278
279* Fri Nov 14 1997 Cristian Gafton <gafton@redhat.com>
280- first build against glibc
Note: See TracBrowser for help on using the repository browser.