Change logs for wget source package in Hardy

  • wget (1.10.2-3ubuntu1.2) hardy-security; urgency=low
    
      * SECURITY UPDATE: arbitrary file overwrite via 3xx redirect
        - debian/patches/CVE-2010-2252.dpatch: don't use server names in
          doc/wget.texi, src/{http.c,init.c,main.c,options.h,retr.*}.
        - This update changes previous behaviour by ignoring the filename
          supplied by the server during redirects. To re-enable previous
          behaviour, see the new --trust-server-names option.
        - CVE-2010-2252
     -- Marc Deslauriers <email address hidden>   Wed, 01 Sep 2010 11:20:17 -0400
  • wget (1.10.2-3ubuntu1.1) hardy-security; urgency=low
    
      * SECURITY UPDATE: SSL certificate bypass with NULL CN byte.
        - debian/patches/security-CVE-2009-3490.dpatch: make sure there is no
          NULL in the common-name in src/openssl.c.
        - CVE-2009-3490
    
     -- Marc Deslauriers <email address hidden>   Mon, 05 Oct 2009 14:56:22 -0400
  • wget (1.10.2-3ubuntu1) gutsy; urgency=low
    
      * Merge from debian unstable, remaining changes:
        - Add wget-udeb to ship wget.gnu as alternative to busybox wget
          implementation.
        - Ubuntu Maintainer foobar.
    
    wget (1.10.2-3) unstable; urgency=low
    
      * Generate a POT file (thanks Martin)
        (closes: Bug#376075)
      * added missing -O2 optimization
        (closes: Bug#415421)
      * removed unneeded groff build-dep
        (closes: Bug#399478)
      * corrected lintian warning debian-rules-sets-DH_COMPAT
    
     -- <email address hidden> (Fabio M. Di Nitto)   Mon, 18 Jun 2007 10:20:55 +0200