Описание
ELSA-2016-2587: wget security and bug fix update (MODERATE)
[1.14-13]
- Fix CVE-2016-4971 (#1345778)
- Added support for non-ASCII URLs (Related: CVE-2016-4971)
[1.14-12]
- Fix wget to include Host header on CONNECT as required by HTTP 1.1 (#1203384)
- Run internal test suite during build (#1295846)
- Fix -nv being documented as synonym for two options (#1147572)
[1.14-11]
- Fix CVE-2014-4877 wget: FTP symlink arbitrary filesystem access (#1156136)
Обновленные пакеты
Oracle Linux 7
Oracle Linux x86_64
wget
1.14-13.el7
Связанные CVE
Связанные уязвимости
CVSS3: 8.8
ubuntu
около 9 лет назад
GNU wget before 1.18 allows remote servers to write to arbitrary files by redirecting a request from HTTP to a crafted FTP resource.
CVSS3: 7
redhat
около 9 лет назад
GNU wget before 1.18 allows remote servers to write to arbitrary files by redirecting a request from HTTP to a crafted FTP resource.
CVSS3: 8.8
nvd
около 9 лет назад
GNU wget before 1.18 allows remote servers to write to arbitrary files by redirecting a request from HTTP to a crafted FTP resource.
CVSS3: 8.8
debian
около 9 лет назад
GNU wget before 1.18 allows remote servers to write to arbitrary files ...
CVSS3: 8.8
github
больше 3 лет назад
GNU wget before 1.18 allows remote servers to write to arbitrary files by redirecting a request from HTTP to a crafted FTP resource.