You are here
Home > Preporuke > Sigurnosni nedostatak programskog paketa wget

Sigurnosni nedostatak programskog paketa wget

——————————————————————————–
Fedora Update Notification
FEDORA-2014-15405
2014-11-19 15:13:36
——————————————————————————–

Name : wget
Product : Fedora 19
Version : 1.16
Release : 3.fc19
URL : http://www.gnu.org/software/wget/
Summary : A utility for retrieving files using the HTTP or FTP protocols
Description :
GNU Wget is a file retrieval utility which can use either the HTTP or
FTP protocols. Wget features include the ability to work in the
background while you are logged out, recursive retrieval of
directories, file name wildcard matching, remote file timestamp
storage and comparison, use of Rest with FTP servers and Range with
HTTP servers to retrieve files over slow or unstable connections,
support for Proxy servers, and configurability.

——————————————————————————–
Update Information:

add fix for arches with unsigned char
security update
Fix the progress bar issue (#1159643)
——————————————————————————–
ChangeLog:

* Tue Nov 18 2014 Tomas Hozza <thozza@redhat.com> – 1.16-3
– Fix the progress bar issue (#1159643)
* Mon Nov 3 2014 Jakub Čajka <jcajka@redhat.com> – 1.16-2
– fix failing tests idn-cmd-utf8 and idn-robots-utf8
– re-enabled tests
* Fri Oct 31 2014 Tomas Hozza <thozza@redhat.com> – 1.16-1
– update to 1.16
– fixes CVE-2014-4877
* Wed Mar 5 2014 Tomas Hozza <thozza@redhat.com> – 1.14-10
– Bump release
* Thu Oct 10 2013 Tomas Hozza <thozza@redhat.com> – 1.14-9
– remove excessive line for ‘-nv’ option in the manpage (#1017106)
* Mon Jul 15 2013 Tomas Hozza <thozza@redhat.com> – 1.14-8
– Fix deadcode and possible use of NULL in vprintf (#913153)
– Add documentation for –regex-type and –preserve-permissions
– Fix –preserve-permissions to work as documented (and expected)
– Fix bug when authenticating using user:password@url syntax (#912358)
– Document and fix –backups option
* Wed Jul 10 2013 Tomas Hozza <thozza@redhat.com> – 1.14-7
– Fix double free of iri->orig_url (#981778)
* Mon Jun 24 2013 Tomas Hozza <thozza@redhat.com> – 1.14-6
– add missing options accept-regex and reject-regex to man page
——————————————————————————–
References:

[ 1 ] Bug #1139181 – CVE-2014-4877 wget: FTP symlink arbitrary filesystem access
https://bugzilla.redhat.com/show_bug.cgi?id=1139181
——————————————————————————–

This update can be installed with the “yum” update program. Use
su -c ‘yum update wget’ at the command line.
For more information, refer to “Managing Software with yum”,
available at http://docs.fedoraproject.org/yum/.

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
——————————————————————————–
_______________________________________________
package-announce mailing list
package-announce@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/package-announce

Top
More in Preporuke
Sigurnosni nedostaci programskog paketa xen

Otkriveni su sigurnosni nedostaci u programskom paketu xen. Otkriveni nedostaci potencijalnim napadačima omogućuju izvođenje napada uskraćivanjem usluge i pokretanje proizvoljnog...

Close