Upgrade wget on CentOS 5

As time progresses some of my VPS machines are starting to show their age running CentOS 5. As CentOS is based on Redhat, the yum repositories often contain older versions of binaries with bugs that have been fixed in newer version. I recently ran into this with wget when trying to download the latest WordPress zip file.

--2014-10-18 01:55:38-- http://wordpress.org/latest.zip
Resolving wordpress.org...,
Connecting to wordpress.org||:80... connected.
HTTP request sent, awaiting response... 302 Moved Temporarily
Location: https://wordpress.org/latest.zip [following]
--2014-10-18 01:55:38-- https://wordpress.org/latest.zip
Connecting to wordpress.org||:443... connected.
ERROR: certificate common name *.wordpress.org' doesn't match requested host name wordpress.org'.
To connect to wordpress.org insecurely, use `--no-check-certificate'.
Unable to establish SSL connection.
unzip: cannot find or open latest.zip, latest.zip.zip or latest.zip.ZIP

Turns out this is a bug in wget 1.11 that was fixed in 1.12, but the former is what is available via yum. There is a bug on the WordPress Trac #611 that is closed as wontfix – it has to do with the older version of wget not using the alternate name on the wildcard SSL certificate. If you want to upgrade wget on your system, you’ll need to first get the source, uninstall the existing wget with yum, and then build wget from source. You’ll probably want to jump to 1.16 since all previous versions are susceptible to CVE-2014-4877 as of this post.

Install wget from source

cd ~
wget http://ftp.gnu.org/gnu/wget/wget-1.16.tar.gz
yum -y remove wget
tar -xzvf wget-1.16.tar.gz
cd wget-1.16
./configure --with-ssl=openssl --with-libssl-prefix=/usr/lib64/openssl --prefix=/usr
make && make install

Note: If you don’t have wget on your system at all, you can also use curl to download the source with the command curl -O http://ftp.gnu.org/gnu/wget/wget-1.16.tar.gz.

You may also like...

4 Responses

  1. john says:

    thanks 😉 helped a lot

Leave a Reply

Your email address will not be published. Required fields are marked *