[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

wget-1.21 released [stable]

From: Darshit Shah
Subject: wget-1.21 released [stable]
Date: Thu, 31 Dec 2020 18:44:07 +0100
User-agent: Mozilla/5.0 (X11; Linux x86_64; rv:78.0) Gecko/20100101 Thunderbird/78.6.0

We are pleased to announce the release of GNU Wget 1.21.

GNU Wget is a free utility for non-interactive download of files from
the  Web. It supports HTTP(S), and FTP(S) protocols, as well as
retrieval through HTTP proxies.

This is a small release with some bug fixes and a few quality of life

On behalf of everyone contributing to GNU Wget, I wish everyone a happy
new year. May it be better than 2020!

Many thanks to everyone who contributed to this release:

Ander Juaristi
Artem Egorenkov
Bruno Haible
Darshit Shah
Eneas U de Queiroz
Frans de Boer
Gisle Vanem
Jens Schleusener
Jim Cathey
JunDong Xie
Lauri Nurmi
Leif Ryge
Steven M. Schweda
Swapnil More
Tim Rühsen
Tomas Hozza
Вячеслав Петрищев


Here are the compressed sources:   (4.7MB)   (2.3MB)

Here are the GPG detached signatures[*]:

Use a mirror for higher download bandwidth:

Here are the MD5 and SHA1 checksums:

3852118b7a771a7c9c0388883c8f5dbf  wget-1.21.tar.gz
c10e69697250635fa2275ed0ab4e9439  wget-1.21.tar.lz
267451bb8de36cc7ac9c7c0403b2dce8854c1d97  wget-1.21.tar.gz
07fc9a34a76c91d377a2594dbb61ba83cebab9ad  wget-1.21.tar.lz

[*] Use a .sig file to verify that the corresponding file (without the
.sig suffix) is intact.  First, be sure to download both the .sig file
and the corresponding tarball.  Then, run a command like this:

  gpg --verify wget-1.21.tar.gz.sig

If that command fails because you don't have the required public key,
then run this command to import it:

  gpg --keyserver --recv-keys

and rerun the 'gpg --verify' command.

This release was bootstrapped with the following tools:
  Autoconf 2.70
  Automake 1.16.2
  Gnulib v0.1-4251-g43ee1a6bf


* Changes in Wget 1.21

** Improve the number of translated strings

** Remove all uses of alloca
   In some places the length of untrusted strings has been used, e.g.
   strings from the command line or from remote.

** Fix buffer overflows in progress bar code in some locales

** Fix two null pointer accesses

** Amend cookie file header to be recognized by the 'file' command

** Post Handshake Authentication for OpenSSL

** Require gettext version 0.19.3+

** Add configure flags --enable-fsanitize-ubsan, --enable-fsanitize-asan
   and --enable-fsanitize-msan for gcc and clang

** Make several smaller fixes, enhance fuzzing, enhance building

On Behalf of the Maintainers,
Darshit Shah

Attachment: OpenPGP_signature
Description: OpenPGP digital signature

reply via email to

[Prev in Thread] Current Thread [Next in Thread]