Joined: 12 May 2004
|Posted: Sat Oct 29, 2016 3:26 pm Post subject: [ GLSA 201610-11 ] GNU Wget
|Gentoo Linux Security Advisory
Title: GNU Wget: Multiple vulnerabilities (GLSA 201610-11)
Date: October 29, 2016
Bug(s): #560418, #585926
Multiple vulnerabilities have been found in Wget, the worst of
which could lead to the remote execution of arbitrary code.
GNU Wget is a free software package for retrieving files using HTTP,
HTTPS and FTP, the most widely-used Internet protocols.
Vulnerable: < 1.18
Unaffected: >= 1.18
Architectures: All supported architectures
Multiple vulnerabilities have been discovered in Wget. Please review the
CVE identifier and bug reports referenced for details.
A remote attacker could possibly execute arbitrary code with the
privileges of the process or obtain sensitive information.
There is no known workaround at this time.
All GNU Wget users should upgrade to the latest version:
|# emerge --sync
# emerge --ask --oneshot --verbose ">=net-misc/wget-1.18"