webadmin/bpfire
1
0
Fork 0
mirror of https://github.com/vincentmli/bpfire.git synced 2026-04-14 13:02:58 +02:00
Code Issues Packages Projects Releases Wiki Activity
Files
8076deba79f9bbd4e551fdfe1eb49e8a77b2c19e
bpfire/lfs/wget
Matthias Fischer 49deea707b wget: Update to 1.20.1 
This is a bugfix release:

"due to some privacy issues in default settings of Wget, we introduce
this bugfix release.

The --xattr option (saving original URL and Referer into extended file
attributes) was introduced and enabled by default since Wget 1.19.
It possibly saved - possibly unrecognized by the user - credentials,
access tokes etc that were included in the requested URL.

We changed three details as a countermeasure, see below in the NEWS section.

With Best Regards, Tim

...

NEWS

* Changes in Wget 1.20.1

** --xattr is no longer default since it introduces privacy issues.

** --xattr saves the Referer as scheme/host/port,
user/pw/path/query/fragment
   are no longer saved to prevent privacy issues.

   ** --xattr saves the Original URL without user/password to prevent
      privacy issues."

Signed-off-by: Matthias Fischer <matthias.fischer@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
2018-12-31 00:35:50 +00:00

3.1 KiB
Raw Blame History

View Raw
Reference in New Issue View Git Blame Copy Permalink