Accepting request 258883 from home:AndreasStieger:branches:network:utilities

GNU wget 1.16 [CVE-2014-4877] [boo#902709]

OBS-URL: https://build.opensuse.org/request/show/258883
OBS-URL: https://build.opensuse.org/package/show/network:utilities/wget?expand=0&rev=47

wget.changes

@@ -1,3 +1,22 @@
+-------------------------------------------------------------------
+Wed Oct 29 20:37:47 UTC 2014 - andreas.stieger@gmx.de
+
+- GNU wget 1.16:
+  This release contains a fix for symlink attack which could allow
+  a malicious ftp server to create arbitrary files, directories or
+  symbolic links and set their permissions when retrieving a
+  directory recursively through FTP. [CVE-2014-4877] [boo#902709]
+  * No longer create local symbolic links by default
+    --retr-symlinks=no option restores previous behaviour
+  * Use libpsl for verifying cookie domains.
+  * Default progress bar output changed.
+  * Introduce --show-progress to force display the progress bar.
+  * Introduce --no-config.  The wgetrc files will not be read.
+  * Introduce --start-pos to allow starting downloads from a specified position.
+  * Fix a problem with ISA Server Proxy and keep-alive connections.
+- refresh wget-libproxy.patch for upstream changes
+- make some dependencies only required for testsuite optional
+
 -------------------------------------------------------------------
 Sun Jun  8 07:19:29 UTC 2014 - andreas.stieger@gmx.de