|Tags||c wget http ftp file-transfer mirroring|
1.20.306 Apr 2019 10:05 minor bugfix: a buffer overflow vulnerability
1.20.127 Dec 2018 05:45 minor feature: --xattr is no longer default since it introduces privacy. --xattr saves the Referer as scheme/host/port, user/pw/path/query/fragment. Are no longer saved to prevent privacy. --xattr saves the Original URL without user/password to prevent. Privacy.
1.2030 Nov 2018 09:25 minor feature: Add new option `--retry-on-host-error` to treat local errors as transient and hence Wget will retry to download the file after a brief waiting period. multiple potential resource leaks as found by static analysis. Wget will now not create an empty wget-log file when running with -q and -b. switches together When compiled using the GnuTLS = 3.6.3, Wget now has support for TLSv1.3. Now there is support for using libpcre2 for regex pattern matching. When downloading over FTP recursively, one can now use the. -- accept,reject -regex switches to fine-tune the downloaded files. Building Wget from the git sources now requires autoconf 2.63 or above. Building from the Tarballs works as it used to.
1.19.507 May 2018 10:05 minor bugfix: Cookie injection (CVE-2018-0494). Enable TLS1.3 with recent OpenSSL environment. New option --ciphers to set GnuTLS / OpenSSL ciphers directly. Updated CSS grammar to CSS 2.2. Several memleaks found by OSS-Fuzz. Several buffer overflows found by OSS-Fuzz. Several integer overflows found by OSS-Fuzz. Several minor.
1.19.422 Jan 2018 10:25 major bugfix: A major that caused GZip'ed pages to never be decompressed has been. Support for Content-Encoding and Transfer-Encoding have been marked as. Experimental and disabled by default
1.19.316 Jan 2018 20:45 minor bugfix: Prevent erroneous decompression of.gz and.tgz files with broken servers. Added support for HTTP 308 Permanent Redirect response. a segfault in some cases where the Content-Type header is not sent. Support OpenSSL 1.1 builds without using deprecated features. netrc file detection on Windows. Several minor.
1.19.227 Oct 2017 03:25 minor bugfix: CVE-2017-13089 (Stack overflow in HTTP protocol handling). CVE-2017-13090 (Heap overflow in HTTP protocol handling). New option --compression for gzip Content-Encoding. New option -- no -netrc to control.netrc parsing. Added GNU extensions to.netrc parsing. Improved IDNA 2003 compatibility. VPATH. Improved and extended the test suite. Support Wayback Machine's X-Archive-Orig-last-modified. Several.
1.19.113 Feb 2017 05:25 minor bugfix: , a regression, portability/build. Add new option --retry-on-http-error.
1.1918 Jan 2017 12:05 minor bugfix: New option --use-askpass=COMMAND. Fetch user/password by calling an external program. Use IDNA2008 (+ TR46 if available) through libidn2. When processing a Metalink header, --metalink-index= allows to process the header's application/metalink4+xml files. When processing a Metalink file, --trust-server-names enables the. Use of the destination file names specified in the Metalink file, Otherwise a safe destination file name is computed. When processing a Metalink file, enforce a safe destination path. Remove any drive letter preunder w32, i.e. 'C:D:file'. Call. Libmetalink's metalink_check_safe_path() to prevent absolute, Relative, or home paths: Https://tools.ietf.org/html/rfc5854#section-126.96.36.199 Https://tools.ietf.org/html/rfc5854#section-188.8.131.52 When processing a Metalink file, --directory-pre= sets. The top of the retrieval tree to prefor Metalink downloads. When processing a Metalink file, reject downloaded files which don't. Agree with their own metalink:size value: Https://tools.ietf.org/html/rfc5854#section-4.2.16 When processing a Metalink file, with --continue resume partially. Downloaded files and keep fully downloaded files even if they fail The verification. When processing a Metalink file, create the parent directories of a. "path/file" destination file name: Https://tools.ietf.org/html/rfc5854#section-184.108.40.206 Https://tools.ietf.org/html/rfc5854#section-220.127.116.11 On a recursive download, append a.tmp sufto temporary files. That will be deleted after being parsed, and create them Readable/writable only by the owner. New make target 'check-valgrind'. Several. Compatibility.
1.1810 Jun 2016 12:45 minor feature: By default, on server redirects to a FTP resource, use the original URL to get the local file name. CVE-2016-4971. This introduces a backward-incompatibility for HTTP- FTP redirects and any script that relies on the old behaviour must use. --trust-server-names. Check the HSTS file is not world-writable before using it. Parse attributes on a recursive download. problem with SNI server names having trailing dot(s). New options --bind-dns-address and --dns-servers. When Wget is built with libiconv, it now converts non-ASCII URIs to the locale's codeset when it creates files. The encoding of the remote files and URIs is taken from --remote-encoding, defaulting to UTF-8. The result is that non-ASCII URIs and files downloaded via HTTP/HTTPS and FTP will have names on the local filesystem that correspond to their remote names.
1.17.113 Dec 2015 01:05 minor bugfix: Compile error when IPv6 is disabled or SSL is not present. HSTS memory leak. Progress output in non-C locales. SIGSEGV when -N and --content-disposition are used together. Add --check-certificate=quiet to tell wget to not print any warning about. Invalid certificates.
1.1716 Nov 2015 09:45 minor feature: Remove FTP passive to active fallback due to privacy concerns. Add support for --if-modified-since. Add support for metalink through --input-metalink and --metalink-over-http. Add support for HSTS through --hsts and --hsts-file. Add option to restrict filenames under VMS. Add support for --rejected-log which logs to a separate file the reasons why URLs are being rejected and some context around it. Add support for FTPS. Do not download/save file on error when --spider enabled. Add --convert-file-only option. This option converts only the filename part of the URLs, leaving the rest of the URLs untouched.
1.16.311 Mar 2015 00:45 minor bugfix: Fix a regression introduced by wget 1.16.2 that --quiet is not really quiet anymore.
1.16.204 Mar 2015 08:25 minor feature: Native uuid generation on Windows Fix build on Solaris Allow progress bar on stderr when -o is used Accept 5-digit port numbers in FTP EPSV responses. Support older versions of flex. Updated translations.
1.16.128 Feb 2015 07:05 minor feature: Add --enable-assert configure option. Use pkg-config to check for libraries presence. Do not limit --secure-protocol=auto pfs to TLSv1.0. Add --secure-protocol=TLSv1_1 TLSv1_2 . Full C89 source code compliance. Select and use the most secure authentication scheme with HTTP connections. Fix issues with turkish locales. Handle 504 Gateway Timeout. New option --crl-file to load Certificate Revocation Lists. Add valgrind support to tests suite. Fix an off-by-one problem in the progress bar .
1.1631 Oct 2014 19:05 security: No longer create local symbolic links by default. Closes CVE-2014-4877 (WGETBLEED). Use libpsl for verifying cookie domains. Default progress bar output changed. Introduce --show-progress to force display the progress bar. Introduce --no-config. The wgetrc files will not be read. Introduce --start-pos to allow starting downloads from a specified position. Fix a problem with ISA Server Proxy and keep-alive connections.
ManageYou can also help out here by:
← Update project
or flagging this entry for moderator attention.