wget: upgraded package to upstream
Upgraded net-misc/wget to version 1.19.1-r2 on amd64
Changes from upstream:
* EAPI 6 -> 5
* in src_prepare, replaced 'default' with epatch "${PATCHES[@]}"
BUG=b:69490633
TEST=emerge-$BOARD net-misc/wget ; trybots
Change-Id: I3c82af5e0d55ebbd94c4f9a226eb621989c905f3
Reviewed-on: https://chromium-review.googlesource.com/780780
Commit-Ready: Aditya Kali <adityakali@google.com>
Tested-by: Aditya Kali <adityakali@google.com>
Reviewed-by: Chirantan Ekbote <chirantan@chromium.org>
(cherry picked from commit b2af43a38d5988d09fd10ca37919b4fdbd1cb1c0)
Reviewed-on: https://chromium-review.googlesource.com/782780
Reviewed-by: Mike Frysinger <vapier@chromium.org>
Commit-Queue: Aditya Kali <adityakali@google.com>
diff --git a/metadata/md5-cache/net-misc/wget-1.19.1-r1 b/metadata/md5-cache/net-misc/wget-1.19.1-r2
similarity index 84%
rename from metadata/md5-cache/net-misc/wget-1.19.1-r1
rename to metadata/md5-cache/net-misc/wget-1.19.1-r2
index 3925048..0730d3d 100644
--- a/metadata/md5-cache/net-misc/wget-1.19.1-r1
+++ b/metadata/md5-cache/net-misc/wget-1.19.1-r2
@@ -1,5 +1,5 @@
-DEFINED_PHASES=configure install prepare setup test
-DEPEND=!static? ( idn? ( >=net-dns/libidn2-0.14 ) pcre? ( dev-libs/libpcre ) ssl? ( gnutls? ( net-libs/gnutls:0= ) !gnutls? ( !libressl? ( dev-libs/openssl:0= ) libressl? ( dev-libs/libressl ) ) ) uuid? ( sys-apps/util-linux ) zlib? ( sys-libs/zlib ) ) app-arch/xz-utils virtual/pkgconfig static? ( idn? ( >=net-dns/libidn2-0.14[static-libs(+)] ) pcre? ( dev-libs/libpcre[static-libs(+)] ) ssl? ( gnutls? ( net-libs/gnutls:0=[static-libs(+)] ) !gnutls? ( !libressl? ( dev-libs/openssl:0=[static-libs(+)] ) libressl? ( dev-libs/libressl[static-libs(+)] ) ) ) uuid? ( sys-apps/util-linux[static-libs(+)] ) zlib? ( sys-libs/zlib[static-libs(+)] ) ) test? ( || ( dev-lang/python:3.5 dev-lang/python:3.4 ) dev-lang/perl dev-perl/HTTP-Daemon dev-perl/HTTP-Message dev-perl/IO-Socket-SSL ) nls? ( sys-devel/gettext )
+DEFINED_PHASES=configure install prepare setup
+DEPEND=!static? ( idn? ( >=net-dns/libidn2-0.14 ) pcre? ( dev-libs/libpcre ) ssl? ( gnutls? ( net-libs/gnutls:0= ) !gnutls? ( !libressl? ( dev-libs/openssl:0= ) libressl? ( dev-libs/libressl ) ) ) uuid? ( sys-apps/util-linux ) zlib? ( sys-libs/zlib ) ) app-arch/xz-utils virtual/pkgconfig static? ( idn? ( >=net-dns/libidn2-0.14[static-libs(+)] ) pcre? ( dev-libs/libpcre[static-libs(+)] ) ssl? ( gnutls? ( net-libs/gnutls:0=[static-libs(+)] ) !gnutls? ( !libressl? ( dev-libs/openssl:0=[static-libs(+)] ) libressl? ( dev-libs/libressl[static-libs(+)] ) ) ) uuid? ( sys-apps/util-linux[static-libs(+)] ) zlib? ( sys-libs/zlib[static-libs(+)] ) ) test? ( || ( dev-lang/python:3.6 dev-lang/python:3.5 dev-lang/python:3.4 ) dev-lang/perl dev-perl/HTTP-Daemon dev-perl/HTTP-Message dev-perl/IO-Socket-SSL ) nls? ( sys-devel/gettext )
DESCRIPTION=Network utility to retrieve files from the WWW
EAPI=5
HOMEPAGE=https://www.gnu.org/software/wget/
@@ -11,4 +11,4 @@
SLOT=0
SRC_URI=mirror://gnu/wget/wget-1.19.1.tar.xz
_eclasses_=eutils 06133990e861be0fe60c2b428fd025d9 flag-o-matic 5d5921a298e95441da2f85be419894c0 multilib 97f470f374f2e94ccab04a2fb21d811e python-any-r1 8eb13cdf35f6e43c48107b911900b2cc python-utils-r1 ec7e05a608c9ab8ae4d180d10bd61600 toolchain-funcs 6198c04daba0e1307bd844df7d37f423
-_md5_=4d2a27a55a4d173e3fb85f5200ea743b
+_md5_=8df73b3e17bddbd8ad0a1258d51afa4d
diff --git a/net-misc/wget/files/wget-1.19.1-CVE-2017-13089.patch b/net-misc/wget/files/wget-1.19.1-CVE-2017-13089.patch
new file mode 100644
index 0000000..f961741
--- /dev/null
+++ b/net-misc/wget/files/wget-1.19.1-CVE-2017-13089.patch
@@ -0,0 +1,34 @@
+From 3dbc2e06ad487862c2fcc64d4891ff8aeb254bad Mon Sep 17 00:00:00 2001
+From: =?UTF-8?q?Tim=20R=C3=BChsen?= <tim.ruehsen@gmx.de>
+Date: Fri, 20 Oct 2017 10:59:38 +0200
+Subject: [PATCH 1/2] Fix stack overflow in HTTP protocol handling
+ (CVE-2017-13089)
+MIME-Version: 1.0
+Content-Type: text/plain; charset=UTF-8
+Content-Transfer-Encoding: 8bit
+
+* src/http.c (skip_short_body): Return error on negative chunk size
+
+Reported-by: Antti Levomäki, Christian Jalio, Joonas Pihlaja from Forcepoint
+Reported-by: Juhani Eronen from Finnish National Cyber Security Centre
+---
+ src/http.c | 3 +++
+ 1 file changed, 3 insertions(+)
+
+diff --git a/src/http.c b/src/http.c
+index 55367688..dc318231 100644
+--- a/src/http.c
++++ b/src/http.c
+@@ -973,6 +973,9 @@ skip_short_body (int fd, wgint contlen, bool chunked)
+ remaining_chunk_size = strtol (line, &endl, 16);
+ xfree (line);
+
++ if (remaining_chunk_size < 0)
++ return false;
++
+ if (remaining_chunk_size == 0)
+ {
+ line = fd_read_line (fd);
+--
+2.15.0.rc1
+
diff --git a/net-misc/wget/files/wget-1.19.1-CVE-2017-13090.patch b/net-misc/wget/files/wget-1.19.1-CVE-2017-13090.patch
new file mode 100644
index 0000000..4e600fe
--- /dev/null
+++ b/net-misc/wget/files/wget-1.19.1-CVE-2017-13090.patch
@@ -0,0 +1,37 @@
+From 28925c37b72867c0819799c6f35caf9439080f83 Mon Sep 17 00:00:00 2001
+From: =?UTF-8?q?Tim=20R=C3=BChsen?= <tim.ruehsen@gmx.de>
+Date: Fri, 20 Oct 2017 15:15:47 +0200
+Subject: [PATCH 2/2] Fix heap overflow in HTTP protocol handling
+ (CVE-2017-13090)
+MIME-Version: 1.0
+Content-Type: text/plain; charset=UTF-8
+Content-Transfer-Encoding: 8bit
+
+* src/retr.c (fd_read_body): Stop processing on negative chunk size
+
+Reported-by: Antti Levomäki, Christian Jalio, Joonas Pihlaja from Forcepoint
+Reported-by: Juhani Eronen from Finnish National Cyber Security Centre
+---
+ src/retr.c | 6 ++++++
+ 1 file changed, 6 insertions(+)
+
+diff --git a/src/retr.c b/src/retr.c
+index a27d58af..723ac725 100644
+--- a/src/retr.c
++++ b/src/retr.c
+@@ -378,6 +378,12 @@ fd_read_body (const char *downloaded_filename, int fd, FILE *out, wgint toread,
+ remaining_chunk_size = strtol (line, &endl, 16);
+ xfree (line);
+
++ if (remaining_chunk_size < 0)
++ {
++ ret = -1;
++ break;
++ }
++
+ if (remaining_chunk_size == 0)
+ {
+ ret = 0;
+--
+2.15.0.rc1
+
diff --git a/net-misc/wget/files/wget-1.19.1-fix-Perl-warnings-in-tests.patch b/net-misc/wget/files/wget-1.19.1-fix-Perl-warnings-in-tests.patch
new file mode 100644
index 0000000..334bcef
--- /dev/null
+++ b/net-misc/wget/files/wget-1.19.1-fix-Perl-warnings-in-tests.patch
@@ -0,0 +1,104 @@
+From 7ffe93cabb181f39ad5091c31ab9f61bd940a55f Mon Sep 17 00:00:00 2001
+From: Anton Yuzhaninov <citrin+github@citrin.ru>
+Date: Wed, 5 Apr 2017 19:06:42 +0300
+Subject: [PATCH] Fix perl warnings in tests
+
+* tests/FTPServer.pm: Escape '{' in RE to fix warnings
+* tests/FTPTest.pm: Likewise
+* tests/HTTPServer.pm: Likewise
+* tests/HTTPTest.pm: Likewise
+* tests/Test-proxied-https-auth-keepalive.px: Likewise
+* tests/Test-proxied-https-auth.px: Likewise
+Escape '{' in RE to fix warnings:
+Unescaped left brace in regex is deprecated, passed through in regex;
+marked by <-- HERE in m/{{ <-- HERE port}}/
+---
+ tests/FTPServer.pm | 2 +-
+ tests/FTPTest.pm | 2 +-
+ tests/HTTPServer.pm | 2 +-
+ tests/HTTPTest.pm | 2 +-
+ tests/Test-proxied-https-auth-keepalive.px | 2 +-
+ tests/Test-proxied-https-auth.px | 2 +-
+ 6 files changed, 6 insertions(+), 6 deletions(-)
+
+diff --git a/tests/FTPServer.pm b/tests/FTPServer.pm
+index a5185d66..cac80942 100644
+--- a/tests/FTPServer.pm
++++ b/tests/FTPServer.pm
+@@ -589,7 +589,7 @@ sub new
+ foreach my $file (keys %{$self->{_input}})
+ {
+ my $ref = \$self->{_input}{$file}{content};
+- $$ref =~ s/{{port}}/$self->sockport/eg;
++ $$ref =~ s/\Q{{port}}/$self->sockport/eg;
+ }
+
+ return $self;
+diff --git a/tests/FTPTest.pm b/tests/FTPTest.pm
+index 50385ad0..0a1c768c 100644
+--- a/tests/FTPTest.pm
++++ b/tests/FTPTest.pm
+@@ -53,7 +53,7 @@ sub _substitute_port
+ {
+ my $self = shift;
+ my $ret = shift;
+- $ret =~ s/{{port}}/$self->{_server}->sockport/eg;
++ $ret =~ s/\Q{{port}}/$self->{_server}->sockport/eg;
+ return $ret;
+ }
+
+diff --git a/tests/HTTPServer.pm b/tests/HTTPServer.pm
+index dd8ec043..78609f65 100644
+--- a/tests/HTTPServer.pm
++++ b/tests/HTTPServer.pm
+@@ -310,7 +310,7 @@ sub _substitute_port
+ {
+ my $self = shift;
+ my $ret = shift;
+- $ret =~ s/{{port}}/$self->sockport/eg;
++ $ret =~ s/\Q{{port}}/$self->sockport/eg;
+ return $ret;
+ }
+
+diff --git a/tests/HTTPTest.pm b/tests/HTTPTest.pm
+index 00f079f8..6225c7f1 100644
+--- a/tests/HTTPTest.pm
++++ b/tests/HTTPTest.pm
+@@ -47,7 +47,7 @@ sub _substitute_port
+ {
+ my $self = shift;
+ my $ret = shift;
+- $ret =~ s/{{port}}/$self->{_server}->sockport/eg;
++ $ret =~ s/\Q{{port}}/$self->{_server}->sockport/eg;
+ return $ret;
+ }
+
+diff --git a/tests/Test-proxied-https-auth-keepalive.px b/tests/Test-proxied-https-auth-keepalive.px
+index 049bebec..2a18ccfd 100755
+--- a/tests/Test-proxied-https-auth-keepalive.px
++++ b/tests/Test-proxied-https-auth-keepalive.px
+@@ -153,7 +153,7 @@ my $cmdline = $WgetTest::WGETPATH . " --user=fiddle-dee-dee"
+ . " --password=Dodgson -e https_proxy=localhost:{{port}}"
+ . " --no-check-certificate"
+ . " https://no.such.domain/needs-auth.txt";
+-$cmdline =~ s/{{port}}/$SOCKET->sockport()/e;
++$cmdline =~ s/\Q{{port}}/$SOCKET->sockport()/e;
+
+ if (defined $srcdir) {
+ $VALGRIND_SUPP_FILE = $srcdir . '/valgrind-suppressions-ssl';
+diff --git a/tests/Test-proxied-https-auth.px b/tests/Test-proxied-https-auth.px
+index ce4e736c..878114e7 100755
+--- a/tests/Test-proxied-https-auth.px
++++ b/tests/Test-proxied-https-auth.px
+@@ -152,7 +152,7 @@ my $cmdline = $WgetTest::WGETPATH . " --user=fiddle-dee-dee"
+ . " --password=Dodgson -e https_proxy=localhost:{{port}}"
+ . " --no-check-certificate"
+ . " https://no.such.domain/needs-auth.txt";
+-$cmdline =~ s/{{port}}/$SOCKET->sockport()/e;
++$cmdline =~ s/\Q{{port}}/$SOCKET->sockport()/e;
+
+ if (defined $srcdir) {
+ $VALGRIND_SUPP_FILE = $srcdir . '/valgrind-suppressions-ssl';
+--
+2.14.3
+
diff --git a/net-misc/wget/files/wget-1.19.1-fix-Python-test-suite.patch b/net-misc/wget/files/wget-1.19.1-fix-Python-test-suite.patch
new file mode 100644
index 0000000..1173667
--- /dev/null
+++ b/net-misc/wget/files/wget-1.19.1-fix-Python-test-suite.patch
@@ -0,0 +1,172 @@
+Fix python test suite for GnuTLS 3.5.12+
+
+Backport of f42229b1fdf30ee30c6e13b01eb0c4ebd9ea9169
+
+--- a/testenv/Test--rejected-log.py
++++ b/testenv/Test--rejected-log.py
+@@ -14,7 +14,7 @@ mainpage = """
+ </head>
+ <body>
+ <p>
+- Recurse to a <a href="http://127.0.0.1:{{port}}/secondpage.html">second page</a>.
++ Recurse to a <a href="http://localhost:{{port}}/secondpage.html">second page</a>.
+ </p>
+ </body>
+ </html>
+@@ -27,8 +27,8 @@ secondpage = """
+ </head>
+ <body>
+ <p>
+- Recurse to a <a href="http://127.0.0.1:{{port}}/thirdpage.html">third page</a>.
+- Try the blacklisted <a href="http://127.0.0.1:{{port}}/index.html">main page</a>.
++ Recurse to a <a href="http://localhost:{{port}}/thirdpage.html">third page</a>.
++ Try the blacklisted <a href="http://localhost:{{port}}/index.html">main page</a>.
+ </p>
+ </body>
+ </html>
+@@ -41,7 +41,7 @@ thirdpage = """
+ </head>
+ <body>
+ <p>
+- Try a hidden <a href="http://127.0.0.1:{{port}}/dummy.txt">dummy file</a>.
++ Try a hidden <a href="http://localhost:{{port}}/dummy.txt">dummy file</a>.
+ Try to leave to <a href="http://no.such.domain/">another domain</a>.
+ </p>
+ </body>
+@@ -55,9 +55,9 @@ Disallow: /dummy.txt
+
+ log = """\
+ REASON\tU_URL\tU_SCHEME\tU_HOST\tU_PORT\tU_PATH\tU_PARAMS\tU_QUERY\tU_FRAGMENT\tP_URL\tP_SCHEME\tP_HOST\tP_PORT\tP_PATH\tP_PARAMS\tP_QUERY\tP_FRAGMENT
+-BLACKLIST\thttp%3A//127.0.0.1%3A{{port}}/index.html\tSCHEME_HTTP\t127.0.0.1\t{{port}}\tindex.html\t\t\t\thttp%3A//127.0.0.1%3A{{port}}/secondpage.html\tSCHEME_HTTP\t127.0.0.1\t{{port}}\tsecondpage.html\t\t\t
+-ROBOTS\thttp%3A//127.0.0.1%3A{{port}}/dummy.txt\tSCHEME_HTTP\t127.0.0.1\t{{port}}\tdummy.txt\t\t\t\thttp%3A//127.0.0.1%3A{{port}}/thirdpage.html\tSCHEME_HTTP\t127.0.0.1\t{{port}}\tthirdpage.html\t\t\t
+-SPANNEDHOST\thttp%3A//no.such.domain/\tSCHEME_HTTP\tno.such.domain\t80\t\t\t\t\thttp%3A//127.0.0.1%3A{{port}}/thirdpage.html\tSCHEME_HTTP\t127.0.0.1\t{{port}}\tthirdpage.html\t\t\t
++BLACKLIST\thttp%3A//localhost%3A{{port}}/index.html\tSCHEME_HTTP\tlocalhost\t{{port}}\tindex.html\t\t\t\thttp%3A//localhost%3A{{port}}/secondpage.html\tSCHEME_HTTP\tlocalhost\t{{port}}\tsecondpage.html\t\t\t
++ROBOTS\thttp%3A//localhost%3A{{port}}/dummy.txt\tSCHEME_HTTP\tlocalhost\t{{port}}\tdummy.txt\t\t\t\thttp%3A//localhost%3A{{port}}/thirdpage.html\tSCHEME_HTTP\tlocalhost\t{{port}}\tthirdpage.html\t\t\t
++SPANNEDHOST\thttp%3A//no.such.domain/\tSCHEME_HTTP\tno.such.domain\t80\t\t\t\t\thttp%3A//localhost%3A{{port}}/thirdpage.html\tSCHEME_HTTP\tlocalhost\t{{port}}\tthirdpage.html\t\t\t
+ """
+
+ dummyfile = "Don't care."
+--- a/testenv/Test--spider-r.py
++++ b/testenv/Test--spider-r.py
+@@ -14,8 +14,8 @@ mainpage = """
+ </head>
+ <body>
+ <p>
+- Some text and a link to a <a href="http://127.0.0.1:{{port}}/secondpage.html">second page</a>.
+- Also, a <a href="http://127.0.0.1:{{port}}/nonexistent">broken link</a>.
++ Some text and a link to a <a href="http://localhost:{{port}}/secondpage.html">second page</a>.
++ Also, a <a href="http://localhost:{{port}}/nonexistent">broken link</a>.
+ </p>
+ </body>
+ </html>
+@@ -29,8 +29,8 @@ secondpage = """
+ </head>
+ <body>
+ <p>
+- Some text and a link to a <a href="http://127.0.0.1:{{port}}/thirdpage.html">third page</a>.
+- Also, a <a href="http://127.0.0.1:{{port}}/nonexistent">broken link</a>.
++ Some text and a link to a <a href="http://localhost:{{port}}/thirdpage.html">third page</a>.
++ Also, a <a href="http://localhost:{{port}}/nonexistent">broken link</a>.
+ </p>
+ </body>
+ </html>
+@@ -43,8 +43,8 @@ thirdpage = """
+ </head>
+ <body>
+ <p>
+- Some text and a link to a <a href="http://127.0.0.1:{{port}}/dummy.txt">text file</a>.
+- Also, another <a href="http://127.0.0.1:{{port}}/againnonexistent">broken link</a>.
++ Some text and a link to a <a href="http://localhost:{{port}}/dummy.txt">text file</a>.
++ Also, another <a href="http://localhost:{{port}}/againnonexistent">broken link</a>.
+ </p>
+ </body>
+ </html>
+--- a/testenv/certs/server-cert.pem
++++ b/testenv/certs/server-cert.pem
+@@ -1,21 +1,21 @@
+ -----BEGIN CERTIFICATE-----
+-MIIDgDCCAmigAwIBAgIIVGI73zrIeeMwDQYJKoZIhvcNAQELBQAwMDERMA8GA1UE
+-AxMIR05VIFdnZXQxDTALBgNVBAsTBFdnZXQxDDAKBgNVBAoTA0dOVTAiGA8yMDE0
+-MTExMTE2NDAwMFoYDzk5OTkxMjMxMjM1OTU5WjAxMRIwEAYDVQQDEwkxMjcuMC4w
+-LjExDTALBgNVBAsTBFdnZXQxDDAKBgNVBAoTA0dOVTCCASIwDQYJKoZIhvcNAQEB
+-BQADggEPADCCAQoCggEBAMjC3Gt55EfStl6mE371+pD3/cpR5MLxkdbBss5MlIP2
+-TDhiPOItLXml8oxs4BjUm3wfn3GV9iJLmbzbIWL+0kbRkQ2LCPKUf+Cln3z2ZE+r
+-XwdWlT8gVfv51Opfkp2lLDVUqLfNKRGQgivjSCmLqY2LqeB0SaVNvuaD3EpqZyIH
+-0E5SZgjqBHgRRtvGkcy0rOmp5SI2NASLugUioXa9OLWjpYDwodsd3ERlL0DJ1aJW
+-8TC8Tqix4i0osWzar+LXBIin0Qvar9/uRHN0p1kq3p0XgNHKqWpiTT54+WYx7Pem
+-v4qRXz11swiJzUL+Pw1DurQ9smbzDgAsz7V2FJnUeCcCAwEAAaOBmDCBlTAMBgNV
+-HRMBAf8EAjAAMB8GA1UdEQQYMBaCCTEyNy4wLjAuMYIJbG9jYWxob3N0MBMGA1Ud
+-JQQMMAoGCCsGAQUFBwMBMA8GA1UdDwEB/wQFAwMHoAAwHQYDVR0OBBYEFJfm323L
+-JbKTM/tMKSt0qlUqewbnMB8GA1UdIwQYMBaAFPM+TjiESqm+wW/HYaNQ2m4pi+tU
+-MA0GCSqGSIb3DQEBCwUAA4IBAQCDmuSD4IGmn0UQ5jhGQquh92Iu59j64Rrg7EIM
+-zoppciyYR8gDUutOI9CEisxJz6umvAdOo5L981gcFaBv6hHWaE/krAZccR+ZXZP6
+-fI9btO8My8O63fYcd2KkLEFqvKDF43i01S2LrqXdPo3uELbFZwxCmUKsexFGsoW1
+-CbXbRjnS7w/f72myRmvBeDiNMuGfe1lb4IflybH3DMlKC7i0AN1JKglp+IKn5XAE
+-neWR03i3UaYJsibIxj0DkTS+hVPu5MXQ9RlF5CkRdFKjGinLE/u70XyAyx0/IeAN
+-e7c2MJvpdfRmTXm2ew4sNyK9RXo7Bv0Yqkl65iMscF8LNnxL
++MIIDdzCCAl+gAwIBAgIMWWD1GB1UFkEICdQvMA0GCSqGSIb3DQEBCwUAMDAxETAP
++BgNVBAMTCEdOVSBXZ2V0MQ0wCwYDVQQLEwRXZ2V0MQwwCgYDVQQKEwNHTlUwIBcN
++MTcwNzA4MTUwNzA0WhgPOTk5OTEyMzEyMzU5NTlaMDExEjAQBgNVBAMTCTEyNy4w
++LjAuMTENMAsGA1UECxMEV2dldDEMMAoGA1UEChMDR05VMIIBIjANBgkqhkiG9w0B
++AQEFAAOCAQ8AMIIBCgKCAQEAyMLca3nkR9K2XqYTfvX6kPf9ylHkwvGR1sGyzkyU
++g/ZMOGI84i0teaXyjGzgGNSbfB+fcZX2IkuZvNshYv7SRtGRDYsI8pR/4KWffPZk
++T6tfB1aVPyBV+/nU6l+SnaUsNVSot80pEZCCK+NIKYupjYup4HRJpU2+5oPcSmpn
++IgfQTlJmCOoEeBFG28aRzLSs6anlIjY0BIu6BSKhdr04taOlgPCh2x3cRGUvQMnV
++olbxMLxOqLHiLSixbNqv4tcEiKfRC9qv3+5Ec3SnWSrenReA0cqpamJNPnj5ZjHs
++96a/ipFfPXWzCInNQv4/DUO6tD2yZvMOACzPtXYUmdR4JwIDAQABo4GNMIGKMAwG
++A1UdEwEB/wQCMAAwFAYDVR0RBA0wC4IJbG9jYWxob3N0MBMGA1UdJQQMMAoGCCsG
++AQUFBwMBMA8GA1UdDwEB/wQFAwMHoAAwHQYDVR0OBBYEFJfm323LJbKTM/tMKSt0
++qlUqewbnMB8GA1UdIwQYMBaAFPM+TjiESqm+wW/HYaNQ2m4pi+tUMA0GCSqGSIb3
++DQEBCwUAA4IBAQC1a0NQfmqT8Ky/BFo5H+G+GoQTlqi3J83ujAMdLUD57zYCEyDL
++XzAhMPfrOSLPDcQb0ooD1Ie+Rz8Xs1h00cD2OGKwH479+nisF5ksqJVJ4fn/aNFE
++6W2Xb3MCB+4FRdmy0UeDDA6N2OpVskCM30s9tmovlBLVK46HogdLvy/O1o7z/gbx
++vV8luevxobnevZ3NdWLyVE3BJZiThBHmZUvL1XNy4KAR4wDAkbCwoTN/JkehTu0i
++WR6DaG7N7M6psc7rctfzRqimlAkxnoAUwc8LwNLTB3v613xXX8iSUsLKsh6pQfZR
++e5wnYQIS4MzowvDx8WevTPMRKlN72d8HHuv9
+ -----END CERTIFICATE-----
+--- a/testenv/certs/server-crl.pem
++++ b/testenv/certs/server-crl.pem
+@@ -1,12 +1,12 @@
+ -----BEGIN X509 CRL-----
+-MIIB1DCBvQIBATANBgkqhkiG9w0BAQsFADAwMREwDwYDVQQDEwhHTlUgV2dldDEN
+-MAsGA1UECxMEV2dldDEMMAoGA1UEChMDR05VGA8yMDE0MTExMTE2NDU1NFoYDzk5
+-OTkxMjMxMjM1OTU5WjAdMBsCCFRiO986yHnjGA8yMDE0MTExMTE2NDU1NFqgNjA0
+-MB8GA1UdIwQYMBaAFPM+TjiESqm+wW/HYaNQ2m4pi+tUMBEGA1UdFAQKAghUYj1E
+-KHs9ijANBgkqhkiG9w0BAQsFAAOCAQEAZgwqs1VOFG39dFHHMXvBr4eJfhwiG4bC
+-cL6IvLhvl9ikcyQMHrpOBtNjkCtgclSbJjjTDdera1+zuCWE0WBOJ4mojYdAIOhR
+-QvSwp4NwAtibu2F/fjeXoo+LEpcRKtLvAotB30eCZ1OPrijsa/HxFILOLlayjns8
+-wM4RmQC4o43y1G/1jqM8hGDg4Wz0j1URVuyP+pU55JpubV5LlExy3gIRwevD2lam
+-q3hiighenJYFO3HGZkYT2SIoSpXZnQqKPJ4HwRBSg/cjOpc1y1lIIvKhmk+Cut6M
+-+S5HL4pIk8vGYg57nTfOOkj1goqFkfU0DBqvVAZj02ay/VIDu61T1g==
++MIIB1jCBvwIBATANBgkqhkiG9w0BAQsFADAwMREwDwYDVQQDEwhHTlUgV2dldDEN
++MAsGA1UECxMEV2dldDEMMAoGA1UEChMDR05VFw0xNzA3MDgxNTA3MDRaFw0xODA3
++MDgxNTA3MDRaMB8wHQIMWWD1GB1UFkEICdQvFw0xNzA3MDgxNTA3MDRaoDowODAf
++BgNVHSMEGDAWgBTzPk44hEqpvsFvx2GjUNpuKYvrVDAVBgNVHRQEDgIMWWD1GB4C
++YfERSnyEMA0GCSqGSIb3DQEBCwUAA4IBAQAAKu+Lum1l/XtcCJ43WveouPK97iOE
++bjUZWaGYx8Ys/iBdhTa1GXG+E+JuyqgyHTW0HrWJi1D+GiYmsjPJXoEgVgtxXEQ7
++8b3NyIQ8OCsSTTlVCmLECN9R0xlsitzH+HXOaIEs5sbmIxCnxu+brqno9gQocmCv
++LHYvoSxsSsOCkkmodbYtKssl2dBonvQPSijN/z3NhZ259e2U3Yv4V7/MrEoTvOxg
++M0GC0u0Nx86EWbq0sWeiUu270Qk9En5YGNtRhkeq0bXerJswmMAmvrtuKdyfouny
++4WMvtn30xsO3WwWSV2oyrDSN/IQdDbcmul/bg8ewqlnN77cVf2m70c/W
+ -----END X509 CRL-----
+--- a/testenv/certs/server-template.cfg
++++ b/testenv/certs/server-template.cfg
+@@ -68,7 +68,6 @@ expiration_days = -1
+ # X.509 v3 extensions
+
+ # A dnsname in case of a WWW server.
+-dns_name = "127.0.0.1"
+ dns_name = "localhost"
+
+ # A subject alternative name URI
+--- a/testenv/test/base_test.py
++++ b/testenv/test/base_test.py
+@@ -90,7 +90,7 @@ class BaseTest:
+ # ports and etc.
+ # so we should record different domains respect to servers.
+ domain = self.get_domain_addr(instance.server_address)
+- self.domains.append(domain[0])
++ self.domains.append('localhost')
+ self.ports.append(domain[1])
+
+ def exec_wget(self):
diff --git a/net-misc/wget/files/wget-1.19.2-fix-segfault-due-to-derefencing-null-ptr.patch b/net-misc/wget/files/wget-1.19.2-fix-segfault-due-to-derefencing-null-ptr.patch
new file mode 100644
index 0000000..8a66e08
--- /dev/null
+++ b/net-misc/wget/files/wget-1.19.2-fix-segfault-due-to-derefencing-null-ptr.patch
@@ -0,0 +1,66 @@
+From 973c26ed7d51052a7b6e120ed1b84e47266667e1 Mon Sep 17 00:00:00 2001
+From: Darshit Shah <darnir@gnu.org>
+Date: Mon, 6 Nov 2017 10:09:03 +0100
+Subject: Fix Segfault due to derefencing null ptr
+MIME-Version: 1.0
+Content-Type: text/plain; charset=UTF-8
+Content-Transfer-Encoding: 8bit
+
+* src/http.c(gethttp): When Encoding is gzip, ensure that the
+Content-Type Header was actually seen. Without this, the "type" variable
+is null causing a Segfault.
+
+Reported-By: Noël Köthe <noel@debian.org>
+---
+ src/http.c | 30 +++++++++++++++++++-----------
+ 1 file changed, 19 insertions(+), 11 deletions(-)
+
+diff --git a/src/http.c b/src/http.c
+index 9954848..2a5454f 100644
+--- a/src/http.c
++++ b/src/http.c
+@@ -3714,22 +3714,30 @@ gethttp (const struct url *u, struct url *original_url, struct http_stat *hs,
+ && opt.compression != compression_none)
+ {
+ /* Make sure the Content-Type is not gzip before decompressing */
+- const char * p = strchr (type, '/');
+- if (p == NULL)
+- {
+- hs->remote_encoding = ENC_GZIP;
+- hs->local_encoding = ENC_NONE;
+- }
+- else
++ if (type)
+ {
+- p++;
+- if (c_tolower(p[0]) == 'x' && p[1] == '-')
+- p += 2;
+- if (0 != c_strcasecmp (p, "gzip"))
++ const char * p = strchr (type, '/');
++ if (p == NULL)
+ {
+ hs->remote_encoding = ENC_GZIP;
+ hs->local_encoding = ENC_NONE;
+ }
++ else
++ {
++ p++;
++ if (c_tolower(p[0]) == 'x' && p[1] == '-')
++ p += 2;
++ if (0 != c_strcasecmp (p, "gzip"))
++ {
++ hs->remote_encoding = ENC_GZIP;
++ hs->local_encoding = ENC_NONE;
++ }
++ }
++ }
++ else
++ {
++ hs->remote_encoding = ENC_GZIP;
++ hs->local_encoding = ENC_NONE;
+ }
+ }
+ #endif
+--
+cgit v1.0-41-gc330
+
diff --git a/net-misc/wget/wget-1.19.1-r1.ebuild b/net-misc/wget/wget-1.19.1-r2.ebuild
similarity index 88%
rename from net-misc/wget/wget-1.19.1-r1.ebuild
rename to net-misc/wget/wget-1.19.1-r2.ebuild
index d09550d..bb1ddfd 100644
--- a/net-misc/wget/wget-1.19.1-r1.ebuild
+++ b/net-misc/wget/wget-1.19.1-r2.ebuild
@@ -3,9 +3,9 @@
EAPI=5
-PYTHON_COMPAT=( python3_{4,5} )
+PYTHON_COMPAT=( python3_{4,5,6} )
-inherit flag-o-matic python-any-r1 toolchain-funcs eutils
+inherit flag-o-matic python-any-r1 toolchain-funcs
DESCRIPTION="Network utility to retrieve files from the WWW"
HOMEPAGE="https://www.gnu.org/software/wget/"
@@ -47,6 +47,10 @@
PATCHES=(
"${FILESDIR}"/${P}-CRLF_injection.patch
+ "${FILESDIR}"/${PN}-1.19.1-fix-Perl-warnings-in-tests.patch
+ "${FILESDIR}"/${PN}-1.19.1-fix-Python-test-suite.patch
+ "${FILESDIR}"/${PN}-1.19.1-CVE-2017-13089.patch
+ "${FILESDIR}"/${PN}-1.19.1-CVE-2017-13090.patch
)
pkg_setup() {
@@ -99,10 +103,6 @@
$(use_with zlib)
}
-src_test() {
- emake check
-}
-
src_install() {
default
@@ -110,5 +110,6 @@
-e "s:/usr/local/etc:${EPREFIX}/etc:g" \
"${ED}"/etc/wgetrc \
"${ED}"/usr/share/man/man1/wget.1 \
- "${ED}"/usr/share/info/wget.info
+ "${ED}"/usr/share/info/wget.info \
+ || die
}