#9941: wget-1.19.2
----------------------+-----------------------
Reporter: bdubbs@… | Owner: ken@…
Type: defect | Status: assigned
Priority: high | Milestone: 8.2
Component: BOOK | Version: SVN
Severity: normal | Resolution:
Keywords: |
----------------------+-----------------------
Changes (by ken@…):
* owner: blfs-book@… => ken@…
* priority: normal => high
* status: new => assigned
* type: enhancement => defect
Comment:
Fixes CVE-2017-13089 CVE-2017-13090 CVE-2017-6508 - following the links
for the first two of those, if you connect to a malicious server it can
execute arbitrary code on your machine. The last allows remote attackers
to inject arbitrary HTTP headers via CRLF sequences in the host
subcomponent of a URL.
--
Ticket URL: <http://wiki.linuxfromscratch.org/blfs/ticket/9941#comment:2>
BLFS Trac <http://wiki.linuxfromscratch.org/blfs>
Beyond Linux From Scratch
--
http://lists.linuxfromscratch.org/listinfo/blfs-book
FAQ: http://www.linuxfromscratch.org/blfs/faq.html
Unsubscribe: See the above information page
