ftp/wget: Upgrade from 1.16.3_1 to 1.18

PR: 210421 Submitted by: Vladimir Krstulja <vlad-fbsd@acheronmedia.com> Security: CVE-2016-4971
author: Vasil Dimov <vd@FreeBSD.org> 2016-06-21 08:02:57 +0000
committer: Vasil Dimov <vd@FreeBSD.org> 2016-06-21 08:02:57 +0000
commit: e3f979f6fd8f77d277e8dfc707c87fa60812f5a9 (patch)
tree: f5563075db930e130e1a550c912e4779e1b1b914 /UPDATING
parent: 0917233fb0167d994e02c7680123ccb553302945 (diff)
download: ports-e3f979f6fd8f77d277e8dfc707c87fa60812f5a9.tar.gz
ports-e3f979f6fd8f77d277e8dfc707c87fa60812f5a9.zip
1 files changed, 9 insertions, 0 deletions
diff --git a/UPDATING b/UPDATING
index d2e59aaf34a1..70bb315d049a 100644
--- a/UPDATING
+++ b/UPDATING
@@ -5,6 +5,15 @@ they are unavoidable.
 You should get into the habit of checking this file for changes each time
 you update your ports collection, before attempting any port upgrades.
 
+20160621
+  AFFECTS: users of ftp/wget
+  AUTHOR: vlad-fbsd@acheronmedia.com
+
+  Wget 1.18 fixes a security vulnerability (CVE-2016-4971) and the fix
+  introduces a backward-incompatibility for HTTP->FTP redirects. Any script that
+  relies on the old behaviour must use --trust-server-names in order to trust
+  the HTTP response and redirect to the new filename.
+
 20160619
   AFFECTS: users of databases/py-apsw
   AUTHOR: rm@FreeBSD.org
author	Vasil Dimov <vd@FreeBSD.org>	2016-06-21 08:02:57 +0000
committer	Vasil Dimov <vd@FreeBSD.org>	2016-06-21 08:02:57 +0000
commit	e3f979f6fd8f77d277e8dfc707c87fa60812f5a9 (patch)
tree	f5563075db930e130e1a550c912e4779e1b1b914 /UPDATING
parent	0917233fb0167d994e02c7680123ccb553302945 (diff)
download	ports-e3f979f6fd8f77d277e8dfc707c87fa60812f5a9.tar.gz ports-e3f979f6fd8f77d277e8dfc707c87fa60812f5a9.zip