UbuntuUpdates.org

Package "wget"

Name: wget

Description:

retrieves files from the web

Latest version: 1.19.4-1ubuntu2.2
Release: bionic (18.04)
Level: security
Repository: main
Homepage: https://www.gnu.org/software/wget/

Links


Download "wget"


Other versions of "wget" in Bionic

Repository Area Version
base main 1.19.4-1ubuntu2
updates main 1.19.4-1ubuntu2.2

Changelog

Version: 1.19.4-1ubuntu2.2 2019-04-09 13:07:01 UTC

  wget (1.19.4-1ubuntu2.2) bionic-security; urgency=medium

  * SECURITY UPDATE: Access to sensitive information
    - debian/patches/CVE-2018-20483-*.patch: fix in
      src/ftp.c, src/http.c, src/xattr.c, src/xattr.h,
      src/init.c, src/main.c, doc/wget.texi.
    - CVE-2018-20483
  * SECURITY UPDATE: Buffer overflow
    - debian/patches/CVE-2019-5953-*.patch: fix in
      src/iri.c.
    - CVE-2019-5953

 -- <email address hidden> (Leonidas S. Barbosa) Mon, 08 Apr 2019 15:51:50 -0300

Source diff to previous version
CVE-2018-20483 set_file_metadata in xattr.c in GNU Wget before 1.20.1 stores a file's origin URL in the user.xdg.origin.url metadata attribute of the extended attri
CVE-2019-5953 Buffer overflow vulnerability

Version: 1.19.4-1ubuntu2.1 2018-05-09 15:07:15 UTC

  wget (1.19.4-1ubuntu2.1) bionic-security; urgency=medium

  * SECURITY UPDATE: Cookie injection vulnerability
    - debian/patches/CVE-2018-0494.patch: fix cooking injection
      in src/http.c.
    - CVE-2018-0494

 -- <email address hidden> (Leonidas S. Barbosa) Tue, 08 May 2018 14:02:01 -0300

CVE-2018-0494 GNU Wget before 1.19.5 is prone to a cookie injection vulnerability in the resp_new function in http.c via a \r\n sequence in a continuation line.



About   -   Send Feedback to @ubuntu_updates