source: projects/specs/branches/6/w/wget/wget-vl.spec @ 9053

Revision 9053, 7.8 KB checked in by iwamoto, 10 years ago (diff)

wget: fix CVE-2014-4877

Line 
1Summary: A utility for retrieving files using the HTTP or FTP protocols.
2Summary(ja): HTTP/FTP プロトコルによるファイル取得ユーティリティ
3Name: wget
4Version: 1.14
5Release: 3%{?_dist_release}
6License: GPL
7Group: Applications/Internet
8# Source0: ftp://ftp.gnu.org/gnu/%{name}/%{name}-%{version}.tar.bz2
9Source0: ftp://ftp.gnu.org/gnu/%{name}/%{name}-%{version}.tar.xz
10Patch0:  wget-1.12-path.patch
11Patch10: wget-1.14-sslreadtimeout.patch
12
13## Vine Patch(es)
14Patch100:  wget-vine-modified.patch
15# Security Fix
16Patch200:  wget-1.14_CVE-2014-4877.patch
17
18Provides: webclient
19Requires(pre): install-info
20BuildRoot: %{_tmppath}/%{name}-%{version}-root
21%if %{_dist_release} > "vl6"
22BuildRequires: openssl-devel, libuuid-devel, zlib-devel
23%else
24BuildRequires: openssl-devel, zlib-devel
25%endif
26%{?nosrc:NoSource: 0}
27
28Vendor: Project Vine
29Distribution: Vine Linux
30
31%description
32GNU Wget is a file retrieval utility which can use either the HTTP or
33FTP protocols.  Wget features include the ability to work in the
34background while you're logged out, recursive retrieval of
35directories, file name wildcard matching, remote file timestamp
36storage and comparison, use of Rest with FTP servers and Range with
37HTTP servers to retrieve files over slow or unstable connections,
38support for Proxy servers, and configurability.
39
40Install wget if you need to retrieve large numbers of files with HTTP or
41FTP, or if you need a utility for mirroring web sites or FTP directories.
42
43#'
44%description -l ja
45GNU wget は HTTP や FTP プロトコルを使用してファイルを取得するユーティリ
46ティです。wget には次のような特徴があります。
47
48 - ログアウトしている間にバックグラウンドで実行可能
49 - ディレクトリの再帰的取得
50 - ファイル名のワイルドカードマッチング
51 - ファイルのタイムスタンプの保存と比較
52 - FTP サーバの Rest、HTTP サーバの Range を使用したダウンロードの再開
53 - プロキシサーバへの対応
54 - 設定の容易さ
55
56もし HTTP か FTP で大量のファイルを取得する必要があったり、Web サイトや
57FTP ディレクトリをミラーするユーティリティが必要なら wget をインストール
58してください。
59
60%prep
61%setup -q
62%patch0 -p1 -b .path
63%patch10 -p1 -b .sslreadtimeout
64
65## Vine Patch(es)
66%patch100 -p0 -b .vine
67
68# Security Fix
69%patch200 -p1 -b .CVE-2014-4877
70
71%build
72%configure --with-ssl=openssl
73%__make %{?_smp_mflags}
74
75%install
76%__rm -rf $RPM_BUILD_ROOT
77%makeinstall
78%find_lang %{name}
79
80%post
81/sbin/install-info %{_infodir}/%{name}.info %{_infodir}/dir
82
83%preun
84if [ "$1" = 0 ]; then
85        /sbin/install-info --delete %{_infodir}/%{name}.info %{_infodir}/dir
86fi
87
88%clean
89%__rm -rf $RPM_BUILD_ROOT
90
91%files -f %{name}.lang
92%defattr(-,root,root)
93%doc AUTHORS MAILING-LIST NEWS README INSTALL COPYING
94%config %{_sysconfdir}/wgetrc
95%{_bindir}/wget
96%{_infodir}/wget.info*
97%{_mandir}/man1/wget.1*
98
99%changelog
100* Tue Nov  4 2014 Satoshi IWAMOTO <satoshi.iwamoto@nifty.ne.jp> 1.14-3
101- add patch200 for fix CVE-2014-4877 (symlink attack)
102
103* Sat Oct 27 2012 Satoshi IWAMOTO <satoshi.iwamoto@nifty.ne.jp> 1.14-2
104- add BR: if-endif for vine6
105
106* Thu Oct 25 2012 Satoshi IWAMOTO <satoshi.iwamoto@nifty.ne.jp> 1.14-1
107- new upstream release
108- add pacth10,100 from fc19
109- add BR: libuuid-devel
110
111* Mon May  7 2012 Satoshi IWAMOTO <satoshi.iwamoto@nifty.ne.jp> 1.13.4-1
112- new upstream release
113- add patch0 from fc17
114- drop old patches
115- change configure option to use openssl
116- change src format from bz2 to xz
117
118* Tue Jan 11 2011 Yoji TOYODA <bsyamato@sea.plala.or.jp> 1.11.4-3
119- rebuild with openssl-1.0.0c
120
121* Fri Sep 25 2009 Satoshi IWAMOTO <satoshi.iwamoto@nifty.ne.jp> 1.11.4-2
122- patch110 for fix openssl null char issue
123
124* Wed Oct 22 2008 Satoshi IWAMOTO <satoshi.iwamoto@nifty.ne.jp> 1.11.4-1
125- new upstream release
126- SPEC in UTF-8
127
128* Wed Mar 26 2008 Satoshi IWAMOTO <satoshi.iwamoto@nifty.ne.jp> 1.11.1-1
129- new upstream release
130- drop patch100 which is in included in new release
131- build under new versioning policy
132
133* Wed May 30 2007 AKIYAMA Kazuhito <akiyama@yb3.so-net.ne.jp> 1.10.2-0vl3
134- rebuild with openssl-0.9.8
135
136* Fri Jan 12 2006 Satoshi IWAMOTO <satoshi.iwamoto@nifty.ne.jp> 1.10.2-0vl2
137- rebuilt for VineSeed
138- fix changelog typo
139
140* Fri Jan 12 2006 Satoshi IWAMOTO <satoshi.iwamoto@nifty.ne.jp> 1.10.2-0vl1.1
141- add pacth100 for fix CVE-2006-6719 (SYST Unchecked Boundary Condition)
142
143* Wed Oct 19 2005 Satoshi IWAMOTO <satoshi.iwamoto@nifty.ne.jp> 1.10.2-0vl1
144- [SECURITY FIX] upstream release
145  - Stack-based buffer overflow (CAN-2005-3185)
146
147* Thu Jul 07 2005 KAZUKI SHIMURA <kazuki@ma.ccnw.ne.jp> 1.10-0vl1
148- [SECURITY FIX] upstream release
149  - overwrite certain files via a redirection URL (CAN-2004-1487)
150  - execute arbitrary code (CAN-2004-1488)
151  - overwrite arbitrary files via a symlink attack (CAN-2004-2014)
152- %%doc
153  - add COPYING, TODO
154  - drop doc/ChangeLog
155- not compress info at %%install (should be done by %%__install_spec_post)
156- drop obsolete patches
157- update Japanese description
158
159* Wed Mar 31 2004 AKIYAMA Kazuhito <akiyama@yb3.so-net.ne.jp> 1.9.1-0vl1
160- source upgrade
161- build with openssl-0.9.7d
162- Prereq: install-info instead of /sbin/install-info
163- remove all patches
164
165* Sun Dec 15 2002 IWAI Masaharu <iwai@alib.jp> 1.8.1-0vl5
166- rebuild on VineSeed
167
168* Thu Dec 12 2002 IWAI Masaharu <iwai@alib.jp> 1.8.1-0vl4
169- fix directory traversal bug
170    add wget-1.8.2-filename.patch(Patch101) from RedHat updates 1.8.2-4.6x
171
172* Wed Mar 13 2002 MATSUBAYASHI Kohji <shaolin@vinelinux.org> 1.8.1-0vl3
173- revamped Patch10 to fit with 1.8.1 source. But disable it.
174
175* Wed Mar 13 2002 Toru Sagami <sagami@vinelinux.org> 1.8.1-0vl2
176- added patch from current CVS to fix broken recursive download.
177
178* Tue Dec 25 2001 Toru Sagami <sagami@vinelinux.org>
179- 1.8.1
180
181* Mon Dec 10 2001 Toru Sagami <sagami@vinelinux.org>
182- 1.8-0vl0: update to 1.8 with an ad-hoc patch for md5.h
183
184* Thu Nov 22 2001 MATSUBAYASHI Kohji <shaolin@vinelinux.org> 1.7.1-0vl2
185- added ppc patch derived from:
186  http://bugs.debian.org/cgi-bin/bugreport.cgi?archive=no&bug=109348
187
188* Mon Nov 19 2001 Toru Sagami <sagami@vinelinux.org>
189- 1.7.1-0vl1: use ja.po included in source
190
191* Fri Aug 24 2001 Toru Sagami <sagami@vinelinux.org>
192- 1.7-0vl2: configure --with-ssl
193
194* Wed Jun 13 2001 <sagami@vinelinux.org>
195- 1.7-0vl1: update to 1.7 with updated ja.po
196
197* Tue May 29 2001 <sagami@vinelinux.org>
198- 1.6-0vl2: use better macros
199
200* Fri Jan 5 2001 Yoichi Imai <yoichi@silver-forest.com>
201- removed getmore patch, ja.patch, ja.po
202- removed gzip and strip
203- used environment variable of rpm
204- not used symlink patch
205
206* Fri Sep 08 2000 MATSUBAYASHI 'Shaolin' Kohji <shaolin@rhythmaning.org>
207- 1.5.3_jp-6
208- modified %files section to handle compressed man page(s)
209- added Japanese summary
210
211* Wed Jan 26 2000 Norihito Ohmori <nono@vinelinux.org>
212- fix ja.po
213
214* Thu Jan 20 2000 HIROSE, Masaaki <hirose31@t3.rim.or.jp>
215- added getmore.patch. to get files like LINK HREF="XXX".
216
217* Sun Nov 7 1999 Toru Hoshina <t@kondara.org>
218- be a NoSrc :-P
219
220* Sat Sep 18 1999 Norihito Ohmori <ohmori@flatout.org>
221- add ja.po
222- add Japanese Summary and Description
223
224* Thu Aug 26 1999 Jeff Johnson <jbj@redhat.com>
225- don't permit chmod 777 on symlinks (#4725).
226
227* Sun Mar 21 1999 Cristian Gafton <gafton@redhat.com>
228- auto rebuild in the new build environment (release 4)
229
230* Fri Dec 18 1998 Bill Nottingham <notting@redhat.com>
231- build for 6.0 tree
232- add Provides
233
234* Sat Oct 10 1998 Cristian Gafton <gafton@redhat.com>
235- strip binaries
236- version 1.5.3
237
238* Sat Jun 27 1998 Jeff Johnson <jbj@redhat.com>
239- updated to 1.5.2
240
241* Thu Apr 30 1998 Cristian Gafton <gafton@redhat.com>
242- modified group to Applications/Networking
243
244* Wed Apr 22 1998 Cristian Gafton <gafton@redhat.com>
245- upgraded to 1.5.0
246- they removed the man page from the distribution (Duh!) and I added it back
247  from 1.4.5. Hey, removing the man page is DUMB!
248
249* Fri Nov 14 1997 Cristian Gafton <gafton@redhat.com>
250- first build against glibc
Note: See TracBrowser for help on using the repository browser.