"A double free in FTP when using an absolute path" is fixed in wget 1.21.2 [1], but I'd update directly to the latest stable 1.21.3 [2].

[1] https://lists.gnu.org/archive/html/bug-wget/2021-09/msg00005.html
[2] https://lists.gnu.org/archive/html/bug-wget/2022-02/msg00025.html

Pushed wget-1.21.3-1.mga8 to core/updates_testing. Please test.

SRPMS/RPMS:
wget-1.21.3-1.mga8

Assignee: bugsquad => qa-bugs

Though it might be hard to update hdlists and/or rpms from ftp mirrors with broken wget. curl or aria2 must be used as a downloader to update.

? have we released a per comment 0 problematic version?

My system is updated (wget 1.21-1.1) and it do not show that problem.

$ LC_ALL=C wget --version
GNU Wget 1.21.1 built on linux-gnu

$ sudo head -10 /etc/urpmi/urpmi.cfg 
{
  downloader: wget
  verify-rpm: 1
  xml-info: on-demand
}

Core\ Release https://ftp.acc.umu.se/mirror/mageia/distrib/8/x86_64/media/core/release {
  key-ids: 80420f66
}

[morgan@svarten ~]$ sudo urpmi.update Core\ Release
mediat "Core Release" är uppdaterat    <== Translated: is updated

CC: (none) => fri

Morgan you have a https repo instead of ftp. The problem only occurs with wget and ftp.

Ah, yes my system was using *https* for "ftp.acc.umu.se"...

---

Update OK here for mga8-64
Tests per comment 0, and as used by drakrpm

I always set the systems I use to use wget for drakrpm and I have never seen a problem.

Testers who want to try switching downloader, can see https://wiki.mageia.org/en/Mageia_8_Errata#Downloading_software for where user set it by GUI.

(tested ftp from esslingen.de)

(In reply to Morgan Leijström from comment #6)
> Ah, yes my system was using *https* for "ftp.acc.umu.se"...
> 
> ---
> 
> Update OK here for mga8-64
> Tests per comment 0, and as used by drakrpm
> 
> I always set the systems I use to use wget for drakrpm and I have never seen
> a problem.
> 
> Testers who want to try switching downloader, can see
> https://wiki.mageia.org/en/Mageia_8_Errata#Downloading_software for where
> user set it by GUI.

There's no need to alter settings as default downloader can be overrided from the CLI.

$ rpm -qa wget
wget-1.21.1-1.1.mga8

$ sudo urpmi.update Core\ Release\ 2
free(): double free detected in tcache 2
...retrieving failed: wget failed: exited with signal 6

free(): double free detected in tcache 2

$ sudo urpmi.update Core\ Release\ 2 --aria2
medium "Core Release 2" is up-to-date

$ sudo urpmi.update Core\ Release\ 2 --curl 
medium "Core Release 2" is up-to-date

$ rpm -qa wget
wget-1.21.3-1.mga8

$ sudo urpmi.update Core\ Release\ 2 --wget
medium "Core Release 2" is up-to-date

$ sudo urpmi.update Core\ Release\ 2 --curl
medium "Core Release 2" is up-to-date

$ sudo urpmi.update Core\ Release\ 2 --aria2
medium "Core Release 2" is up-to-date

MGA8-64 Plasma on Lenovo B50 in Dutch
No installation issues.
Changed after the update the downloader in MCC from curlto wget, checked the /etc/urpmi/urpmi.cfg file.
Then
]# urpmi.update Core\ Updates             
medium "Core Updates (distrib3)" has been updated
    http://mirror.tuxinator.org/mageia/distrib/8/x86_64/media/debug/core/updates/media_info/20220609-212108-synthesis.hdlist.cz
updated medium "Core Updates Debug (distrib4)"
    http://mirror.tuxinator.org/mageia/distrib/8/x86_64/media/core/updates_testing/media_info/20220609-235331-synthesis.hdlist.cz                                            
updated medium "Core Updates Testing (distrib5)"
    http://mirror.tuxinator.org/mageia/distrib/8/x86_64/media/debug/core/updates_testing/media_info/20220609-235312-synthesis.hdlist.cz                                      
updated medium "Core Updates Testing Debug (distrib6)"
seems to work OK.

Whiteboard: (none) => MGA8-64-OK
CC: (none) => herman.viaene

Validating.

Keywords: (none) => validated_update
CC: (none) => andrewsfarm, sysadmin-bugs

An update for this issue has been pushed to the Mageia Updates repository.

https://advisories.mageia.org/MGAA-2022-0081.html

Resolution: (none) => FIXED
Status: NEW => RESOLVED