GLSA
Advocate
Joined: 12 May 2004
Posts: 2663
|
 Posted: Sat Oct 29, 2016 3:26 pm Post subject: [ GLSA 201610-11 ] GNU Wget |
 |
|
Gentoo Linux Security Advisory
Title: GNU Wget: Multiple vulnerabilities (GLSA 201610-11)
Severity: normal
Exploitable: remote
Date: October 29, 2016
Bug(s): #560418, #585926
ID: 201610-11
Synopsis
Multiple vulnerabilities have been found in Wget, the worst of
which could lead to the remote execution of arbitrary code.
Background
GNU Wget is a free software package for retrieving files using HTTP,
HTTPS and FTP, the most widely-used Internet protocols.
Affected Packages
Package: net-misc/wget
Vulnerable: < 1.18
Unaffected: >= 1.18
Architectures: All supported architectures
Description
Multiple vulnerabilities have been discovered in Wget. Please review the
CVE identifier and bug reports referenced for details.
Impact
A remote attacker could possibly execute arbitrary code with the
privileges of the process or obtain sensitive information.
Workaround
There is no known workaround at this time.
Resolution
All GNU Wget users should upgrade to the latest version: | Code: | # emerge --sync
# emerge --ask --oneshot --verbose ">=net-misc/wget-1.18"
|
References
CVE-2016-4971 |
|
News & Announcements
