head	1.2;
access;
symbols
	RELEASE_8_3_0:1.2
	RELEASE_9_0_0:1.2
	RELEASE_7_4_0:1.2
	RELEASE_8_2_0:1.2
	RELEASE_6_EOL:1.2;
locks; strict;
comment	@# @;


1.2
date	2010.09.06.17.15.01;	author vd;	state Exp;
branches;
next	1.1;

1.1
date	2010.09.06.16.54.23;	author vd;	state Exp;
branches;
next	;


desc
@@


1.2
log
@Followup to the previous commit: fix the newly added patches
@
text
@--- NEWS.orig	2009-09-22 05:53:35.000000000 +0300
+++ NEWS	2010-09-06 20:09:17.000000000 +0300
@@@@ -6,6 +6,9 @@@@
 
 Please send GNU Wget bug reports to <bug-wget@@gnu.org>.
 
+** By default, on server redirects, use the original URL to get the
+   local file name. Close CVE-2010-2252.
+
 * Changes in Wget 1.12
 
 ** Mailing list MOVED to bug-wget@@gnu.org
@


1.1
log
@Apply patch from upstream for CVE-2010-2252.

This is revision-id:gscrivano@@gnu.org-20100728192222-sy6rf3fgeydgvl1k
from http://bzr.savannah.gnu.org/r/wget/trunk/ without the change to
src/ftp.c because it is a whitespace only change.

PR:		ports/150293
Submitted by:	Joe Horn <joehorn@@gmail.com>
Security:	CVE-2010-2252
@
text
@d1 3
a3 4
--- NEWS	2010-07-11 13:47:18 +0000
+++ NEWS	2010-07-28 19:22:22 +0000
@@@@ -33,6 +33,9 @@@@
 ** GNU TLS backend works again.
d5 2
a6 2
 ** Now --timestamping and --continue works well together.
+
d9 1
a9 1
 
d12 1
a12 2

=== modified file 'doc/wget.texi'
@

