wget: Update to 1.19.2

Fixes CVE-2017-13089

A stack-based buffer overflow when processing chunked, encoded HTTP
responses was found in wget. By tricking an unsuspecting user into
connecting to a malicious HTTP server, an attacker could exploit
this flaw to potentially execute arbitrary code.

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>

diff --git a/lfs/wget b/lfs/wget
index 8d3d13c2755caef9e61c8f34d04d9bad7140fd97..2c750bf653dc302c6e9a6532ad8a316f7123c2f8 100644 (file)
--- a/lfs/wget
+++ b/lfs/wget
@@ -24,7 +24,7 @@
 
 include Config
 
-VER        = 1.19.1
+VER        = 1.19.2
 
 THISAPP    = wget-$(VER)
 DL_FILE    = $(THISAPP).tar.xz
@@ -40,7 +40,7 @@ objects = $(DL_FILE)
 
 $(DL_FILE) = $(DL_FROM)/$(DL_FILE)
 
-$(DL_FILE)_MD5 = d30d82186b93fcabb4116ff513bfa9bd
+$(DL_FILE)_MD5 = caabf9727fa429626316619a6369fffa
 
 install : $(TARGET)