]> git.ipfire.org Git - ipfire-2.x.git/commit
projects / ipfire-2.x.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 6118218) | patch
wget: Update to 1.18
authorMatthias Fischer <matthias.fischer@ipfire.org>
Tue, 14 Jun 2016 10:33:00 +0000 (12:33 +0200)
committerMichael Tremer <michael.tremer@ipfire.org>
Thu, 16 Jun 2016 08:26:35 +0000 (09:26 +0100)
commite072f094e6fcb20a718caaef91ba9766258e2377
tree813ec47daaacc8af01a2af6eb9387db62de7e954tree | snapshot
parent6118218c192bdd0a957e787114190bfc9c440da0commit | diff
wget: Update to 1.18

Excerpt from annoncement:

"This version fixes a security vulnerability (CVE-2016-4971) present in
all old versions of wget.  The vulnerability was discovered by Dawid
Golunski which were reported to us by Beyond Security's SecuriTeam.

On a server redirect from HTTP to a FTP resource, wget would trust the
HTTP server and uses the name in the redirected URL as the destination
filename.
This behaviour was changed and now it works similarly as a redirect from
HTTP to another HTTP resource so the original name is used as
the destination file.  To keep the previous behaviour the user must
provide --trust-server-names."

Best,
Mat-backfromholidays-thias

Signed-off-by: Matthias Fischer <matthias.fischer@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
lfs/wget diff | blob | blame | history
IPFire 2.x development tree