Source: wget Severity: normal User: debian-...@lists.debian.org Usertags: upstream-trixie X-Debbugs-Cc: debian-...@lists.debian.org
Dear Noël, Testing (trixie) currently ships wget 1.24.5-2. FYI, upstream released 1.25.0 on November 10th 2024: https://ftp.gnu.org/gnu/wget/wget-1.25.0.tar.gz. While I am not aware of any release schedule and EOL policy for wget, I would say that the more recent release can be included in trixie, the better. And the easier would be to provide security updates to the users during the trixie life cycle. However, I would like to know that 1.25.0 fixes CVE-2024-10524, dropping support for shorthand URLs, which may break existing --but uncommon-- behaviour). Do you have any plans to upload to wget to unstable (before the trixie freeze)? Is it worth to try to do it? If you need or want help packaging this more recent upstream version, please don't hesitate to speak up. Someone from the LTS team, may be interested in contributing (CC'ing debian-lts). Best regards, -- Santiago, for the LTS Team.
signature.asc
Description: PGP signature
