Re: Wget difference
On 2013-05-02 15:34 +0200, francis picabia wrote:
> I often download packages to servers using wget and the "Direct Link"
> feature on the sourceforge projects.
>
> For example, today, I downloaded scamp:
>
> $ wget
> http://downloads.sourceforge.net/project/scamp/scamp/scamp-5.6/scamp-5.6.tar.gz?r=&ts=1367500908&use_mirror=superb-dca3
>
> On Redhat, this produces a file called scamp-5.6.tar.gz
>
> On Debian, this produces a file called scamp-5.6.tar.gz?r=
> Sometimes the resulting filename on Debian is much longer.
>
> It can be easily fixed with the mv command, but it has me wondering,
> why does the Debian version have this issue?
Because it has fixed CVE-2010-2252¹ while the (possibly older) Redhat
version does not. Use the "--trust-server-names" option if you want
wget to write to the filename the server redirects to rather than the
one you specified on the commandline.
See http://bugs.debian.org/590296 for details.
Cheers,
Sven
¹ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2252
Reply to: