Описание
Security update for wget
This update for wget fixes the following issues:
- CVE-2024-38428: Fix mishandled semicolons in the userinfo subcomponent of a URI. (bsc#1226419)
Список пакетов
Image SLES12-SP5-Azure-BYOS
wget-1.14-21.19.1
Image SLES12-SP5-Azure-Basic-On-Demand
wget-1.14-21.19.1
Image SLES12-SP5-Azure-HPC-BYOS
wget-1.14-21.19.1
Image SLES12-SP5-Azure-HPC-On-Demand
wget-1.14-21.19.1
Image SLES12-SP5-Azure-SAP-BYOS
wget-1.14-21.19.1
Image SLES12-SP5-Azure-SAP-On-Demand
wget-1.14-21.19.1
Image SLES12-SP5-Azure-Standard-On-Demand
wget-1.14-21.19.1
Image SLES12-SP5-EC2-BYOS
wget-1.14-21.19.1
Image SLES12-SP5-EC2-ECS-On-Demand
wget-1.14-21.19.1
Image SLES12-SP5-EC2-On-Demand
wget-1.14-21.19.1
Image SLES12-SP5-EC2-SAP-BYOS
wget-1.14-21.19.1
Image SLES12-SP5-EC2-SAP-On-Demand
wget-1.14-21.19.1
Image SLES12-SP5-GCE-BYOS
wget-1.14-21.19.1
Image SLES12-SP5-GCE-On-Demand
wget-1.14-21.19.1
Image SLES12-SP5-GCE-SAP-BYOS
wget-1.14-21.19.1
Image SLES12-SP5-GCE-SAP-On-Demand
wget-1.14-21.19.1
Image SLES12-SP5-SAP-Azure-LI-BYOS-Production
wget-1.14-21.19.1
Image SLES12-SP5-SAP-Azure-VLI-BYOS-Production
wget-1.14-21.19.1
SUSE Linux Enterprise Server 12 SP5
wget-1.14-21.19.1
SUSE Linux Enterprise Server for SAP Applications 12 SP5
wget-1.14-21.19.1
Ссылки
- Link for SUSE-SU-2024:2154-1
- E-Mail link for SUSE-SU-2024:2154-1
- SUSE Security Ratings
- SUSE Bug 1226419
- SUSE CVE CVE-2024-38428 page
Описание
url.c in GNU Wget through 1.24.5 mishandles semicolons in the userinfo subcomponent of a URI, and thus there may be insecure behavior in which data that was supposed to be in the userinfo subcomponent is misinterpreted to be part of the host subcomponent.
Затронутые продукты
Image SLES12-SP5-Azure-BYOS:wget-1.14-21.19.1
Image SLES12-SP5-Azure-Basic-On-Demand:wget-1.14-21.19.1
Image SLES12-SP5-Azure-HPC-BYOS:wget-1.14-21.19.1
Image SLES12-SP5-Azure-HPC-On-Demand:wget-1.14-21.19.1
Ссылки
- CVE-2024-38428
- SUSE Bug 1226419