Re: Wget difference

To: debian-user@lists.debian.org
Subject: Re: Wget difference
From: Sven Joachim <svenjoac@gmx.de>
Date: Thu, 02 May 2013 16:57:16 +0200
Message-id: <[🔎] 87ppx9v38z.fsf@turtle.gmx.de>
Mail-followup-to: debian-user@lists.debian.org
In-reply-to: <[🔎] CA+AKB6H5CHN9rRjZ7MawPD5pxGyxrxE9-P96-oqxNyq2jteDmA@mail.gmail.com> (francis picabia's message of "Thu, 2 May 2013 10:34:11 -0300")
References: <[🔎] CA+AKB6H5CHN9rRjZ7MawPD5pxGyxrxE9-P96-oqxNyq2jteDmA@mail.gmail.com>

On 2013-05-02 15:34 +0200, francis picabia wrote:

> I often download packages to servers using wget and the "Direct Link"
> feature on the sourceforge projects.
>
> For example, today, I downloaded scamp:
>
> $ wget
> http://downloads.sourceforge.net/project/scamp/scamp/scamp-5.6/scamp-5.6.tar.gz?r=&ts=1367500908&use_mirror=superb-dca3
>
> On Redhat, this produces a file called scamp-5.6.tar.gz
>
> On Debian, this produces a file called scamp-5.6.tar.gz?r=
> Sometimes the resulting filename on Debian is much longer.
>
> It can be easily fixed with the mv command, but it has me wondering,
> why does the Debian version have this issue?

Because it has fixed CVE-2010-2252¹ while the (possibly older) Redhat
version does not.  Use the "--trust-server-names" option if you want
wget to write to the filename the server redirects to rather than the
one you specified on the commandline.

See http://bugs.debian.org/590296 for details.

Cheers,
       Sven


¹ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2252

Reply to:

References:
- Wget difference
  - From: francis picabia <fpicabia@gmail.com>

Prev by Date: Re: what's your Debian uptime?
Next by Date: Re: Planning for Disk Encryption
Previous by thread: Wget difference
Next by thread: Re: Wget difference
Index(es):
- Date
- Thread