ELSA-2016-2587

ELSA-2016-2587 - wget security and bug fix update

Type:SECURITY
Severity:MODERATE
Release Date:2016-11-09

Description


[1.14-13]
- Fix CVE-2016-4971 (#1345778)
- Added support for non-ASCII URLs (Related: CVE-2016-4971)

[1.14-12]
- Fix wget to include Host header on CONNECT as required by HTTP 1.1 (#1203384)
- Run internal test suite during build (#1295846)
- Fix -nv being documented as synonym for two options (#1147572)

[1.14-11]
- Fix CVE-2014-4877 wget: FTP symlink arbitrary filesystem access (#1156136)


Related CVEs


CVE-2016-4971

Updated Packages


Release/ArchitectureFilenameMD5sumSuperseded By Advisory
Oracle Linux 7 (x86_64) wget-1.14-13.el7.src.rpmfd053186870108d21794389ad7c16951ELSA-2019-1228
wget-1.14-13.el7.x86_64.rpm1760bfd28b1fd705e9d8e6cfc979a92aELSA-2019-1228



This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections please contact the Oracle Linux ULN team

software.hardware.complete