From e072f094e6fcb20a718caaef91ba9766258e2377 Mon Sep 17 00:00:00 2001
From: Matthias Fischer <matthias.fischer@ipfire.org>
Date: Tue, 14 Jun 2016 12:33:00 +0200
Subject: [PATCH] wget: Update to 1.18

Excerpt from annoncement:

"This version fixes a security vulnerability (CVE-2016-4971) present in
all old versions of wget.  The vulnerability was discovered by Dawid
Golunski which were reported to us by Beyond Security's SecuriTeam.

On a server redirect from HTTP to a FTP resource, wget would trust the
HTTP server and uses the name in the redirected URL as the destination
filename.
This behaviour was changed and now it works similarly as a redirect from
HTTP to another HTTP resource so the original name is used as
the destination file.  To keep the previous behaviour the user must
provide --trust-server-names."

Best,
Mat-backfromholidays-thias

Signed-off-by: Matthias Fischer <matthias.fischer@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
---
 lfs/wget | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/lfs/wget b/lfs/wget
index 20f545b76..c22a9782e 100644
--- a/lfs/wget
+++ b/lfs/wget
@@ -24,7 +24,7 @@
 
 include Config
 
-VER        = 1.17.1
+VER        = 1.18
 
 THISAPP    = wget-$(VER)
 DL_FILE    = $(THISAPP).tar.xz
@@ -40,7 +40,7 @@ objects = $(DL_FILE)
 
 $(DL_FILE) = $(DL_FROM)/$(DL_FILE)
 
-$(DL_FILE)_MD5 = b0d58ef4963690e71effba24c105ed52
+$(DL_FILE)_MD5 = af9ca95a4bb8ac4a9bf10aeae66fa5ec
 
 install : $(TARGET)