Hello community, here is the log from the commit of package wget for openSUSE:Factory checked in at 2018-05-11 09:13:28 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/wget (Old) and /work/SRC/openSUSE:Factory/.wget.new (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Package is "wget" Fri May 11 09:13:28 2018 rev:53 rq:604725 version:1.19.5 Changes: -------- --- /work/SRC/openSUSE:Factory/wget/wget.changes 2018-02-19 12:58:51.470642984 +0100 +++ /work/SRC/openSUSE:Factory/.wget.new/wget.changes 2018-05-11 09:13:32.544802721 +0200 @@ -1,0 +2,14 @@ +Mon May 7 07:04:05 UTC 2018 - josef.moellers@suse.com + +- GNU wget 1.19.5: + * Fix cookie injection (CVE-2018-0494, bsc#1092061) + * Enable TLS1.3 with recent OpenSSL environment + * New option --ciphers to set GnuTLS / OpenSSL ciphers directly + * Updated CSS grammar to CSS 2.2 + * Fixed several memleaks found by OSS-Fuzz + * Fixed several buffer overflows found by OSS-Fuzz + * Fixed several integer overflows found by OSS-Fuzz + * Several minor bug fixes + [bsc#1092061, CVE-2018-0494, wget-ignore-void-retvalue.patch] + +------------------------------------------------------------------- Old: ---- wget-1.19.4.tar.gz wget-1.19.4.tar.gz.sig New: ---- wget-1.19.5.tar.gz wget-1.19.5.tar.gz.sig wget-ignore-void-retvalue.patch ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ wget.spec ++++++ --- /var/tmp/diff_new_pack.aghHca/_old 2018-05-11 09:13:33.816756645 +0200 +++ /var/tmp/diff_new_pack.aghHca/_new 2018-05-11 09:13:33.816756645 +0200 @@ -18,7 +18,7 @@ %bcond_with regression_tests Name: wget -Version: 1.19.4 +Version: 1.19.5 Release: 0 Summary: A Tool for Mirroring FTP and HTTP Servers License: GPL-3.0+ @@ -33,6 +33,7 @@ # PATCH-FIX-OPENSUSE fix pod syntax for perl 5.18 coolo@suse.de Patch7: wget-fix-pod-syntax.diff Patch8: wget-errno-clobber.patch +Patch9: wget-ignore-void-retvalue.patch BuildRequires: automake BuildRequires: gpgme-devel >= 0.4.2 BuildRequires: libcares-devel @@ -77,6 +78,7 @@ %patch6 %patch7 -p1 %patch8 -p1 +%patch9 -p1 %build %if 0%{?suse_version} > 1110 ++++++ wget-1.19.4.tar.gz -> wget-1.19.5.tar.gz ++++++ ++++ 160495 lines of diff (skipped) ++++++ wget-ignore-void-retvalue.patch ++++++ Index: wget-1.19.5/src/host.c =================================================================== --- wget-1.19.5.orig/src/host.c +++ wget-1.19.5/src/host.c @@ -732,7 +732,10 @@ wait_ares (ares_channel channel) ares_process (channel, &read_fds, &write_fds); } if (timer) - timer = ptimer_destroy (timer); + { + ptimer_destroy (timer); + timer = NULL; + } } static void ++++++ wget.keyring ++++++ ++++ 2200 lines (skipped) ++++ between /work/SRC/openSUSE:Factory/wget/wget.keyring ++++ and /work/SRC/openSUSE:Factory/.wget.new/wget.keyring