wget: Update to 1.19.2
authorMichael Tremer <michael.tremer@ipfire.org>
Sun, 29 Oct 2017 18:33:03 +0000 (18:33 +0000)
committerMichael Tremer <michael.tremer@ipfire.org>
Sun, 29 Oct 2017 18:33:03 +0000 (18:33 +0000)
Fixes CVE-2017-13089

A stack-based buffer overflow when processing chunked, encoded HTTP
responses was found in wget. By tricking an unsuspecting user into
connecting to a malicious HTTP server, an attacker could exploit
this flaw to potentially execute arbitrary code.

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
lfs/wget

index 8d3d13c..2c750bf 100644 (file)
--- a/lfs/wget
+++ b/lfs/wget
@@ -24,7 +24,7 @@
 
 include Config
 
-VER        = 1.19.1
+VER        = 1.19.2
 
 THISAPP    = wget-$(VER)
 DL_FILE    = $(THISAPP).tar.xz
@@ -40,7 +40,7 @@ objects = $(DL_FILE)
 
 $(DL_FILE) = $(DL_FROM)/$(DL_FILE)
 
-$(DL_FILE)_MD5 = d30d82186b93fcabb4116ff513bfa9bd
+$(DL_FILE)_MD5 = caabf9727fa429626316619a6369fffa
 
 install : $(TARGET)