Debian Patches
Status for wget2/2.2.0+ds-3
| Patch | Description | Author | Forwarded | Bugs | Origin | Last update |
|---|---|---|---|---|---|---|
| fix-restrict-filename.patch | Fix wget_restrict_file_name It fails to work as expected on architectures where char is unsigned by default. | Shengqi Chen <harry@debian.org> | yes | upstream | 2025-03-02 | |
| fix_type_of_chunk_size.patch | [PATCH] Fix chunk_size conversion on 32bit arch * src/wget.c (process_head_response): Cast size_t to long long. * src/wget_options.h (struct config): Change type of chunk_size from size_t to long long. |
Tim Rühsen <tim.ruehsen@gmx.de> | yes | debian upstream | upstream, https://gitlab.com/gnuwget/wget2/-/commit/709067e544ce0efd5c8f96ed7209ec2cc61062b8 | 2024-12-01 |
| fix_linked_libraries.patch | Fix linkage to libraries. libwget links to all but [pcre, gpgme], to which wget2 links. | Shengqi Chen <harry@debian.org> | not-needed | 2025-03-02 | ||
| disable-flaky-tests.patch | Disable flaky tests. These tests fail with libproxy enabled (in some environments). | Shengqi Chen <harry@debian.org> | not-needed | 2025-03-02 | ||
| remove_git_from_doxygen.patch | Remove use of git in doxygen. | Shengqi Chen <harry@debian.org> | not-needed | 2025-03-03 | ||
| configure-ac.patch | configure.ac: Hide m4_ifdef from autopoint | Bruno Haible <bruno@clisp.org> | no | debian | upstream, https://gitlab.com/gnuwget/wget2/-/commit/ce1736518a4e6a03f5b151b6b762f755ebea3f01 | 2025-11-10 |
| CVE-2025-69194.patch | [PATCH] Fix file overwrite issue with metalink Fix a remotely triggered arbitrary file write/overwrite abusing metalink <file name="…"> path traversal. |
Tim Rühsen <tim.ruehsen@gmx.de> | no | 2025-12-26 | ||
| CVE-2025-69195.patch | [PATCH] Fix remote buffer overflow in get_local_filename_real() In src/blacklist.c:get_local_filename_real(), the stack/heap selection for fname_esc was inverted, so the code used `char tmp[1024]` exactly when the required size is >1024, leading to stack corruption when wget_restrict_file_name() writes into it. This was introduced by commit 3dc30f5f0c6f8feae97f866c537324f821ea05d. |
Tim Rühsen <tim.ruehsen@gmx.de> | no | 2025-12-26 |
All known versions for source package 'wget2'
- 2.2.0+ds-3 (sid)
- 2.2.0+ds-2 (forky)
- 2.2.0+ds-1 (trixie)
- 1.99.1-2.2 (bookworm)