revert the update as the new wget version links to libunistring
that is a rather large library. Better to revert the update now
in order to fix buildbot and then look into solutions.
signed-off-by: Hannu Nyman <hannu.nyman@iki.fi>
fix Makefile chmod (644)
replace MD5SUM with HASH
add PKG_MIRROR_HASH when PKG_SOURCE_PROTO:=git
(PKG_SOURCE_PROTO:=svn tarballs are not reproducible for now)
Signed-off-by: Etienne Champetier <champetier.etienne@gmail.com>
postrm/postinst symlink mangling is frowned upon
by trunk devs, in addition to packages modifying
the files as other packages during
installation/removal (without a agreed upon mechanism
for coordinating such changes) is prohibited in
most distros.
Further in this case results in wget-ssl failing to conflict
with wget-nossl. As mentioned in the github issue
regarding this (https://github.com/openwrt/packages/issues/2728)
it is also unnessary in current openwrt/lede.
This patch there makes the symlink from the specific
flavour of wget (e.g. wget-ssl) from /usr/bin/wget part
of /install so that they conflict with each other the
way they should, and do not modify the same files
without a delibarate --force-overwrite.
Signed-off-by: Daniel Dickinson <lede@daniel.thecshore.com>
Update wget to version 1.17.1.
Remove patches as they are included upstream.
Changes in Wget 1.17.1
* Fix compile error when IPv6 is disabled or SSL is not present.
* Fix HSTS memory leak.
* Fix progress output in non-C locales.
* Fix SIGSEGV when -N and --content-disposition are used together.
* Add --check-certificate=quiet to tell wget to not print any warning
about invalid certificates.
Signed-off-by: Hannu Nyman <hannu.nyman@iki.fi>
The update fixes CVE-2014-4877 which allows malicious FTP servers
to modify local filesystem contents through specificially crafted
symlinks.
Please backport to for-14.07 too.
Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>