[CVS] OpenPKG: openpkg-web/security/ OpenPKG-SA-2003.007-wget.txt

Thu, 23 Jan 2003 06:35:04 -0800 

  OpenPKG CVS Repository
  http://cvs.openpkg.org/
  ____________________________________________________________________________

  Server: cvs.openpkg.org                  Name:   Ralf S. Engelschall
  Root:   /e/openpkg/cvs                   Email:  [EMAIL PROTECTED]
  Module: openpkg-web                      Date:   23-Jan-2003 15:35:26
  Branch: HEAD                             Handle: 2003012314352500

  Modified files:
    openpkg-web/security    OpenPKG-SA-2003.007-wget.txt

  Log:
    final polishing and signing of wget SA

  Summary:
    Revision    Changes     Path
    1.3         +15 -4      openpkg-web/security/OpenPKG-SA-2003.007-wget.txt
  ____________________________________________________________________________

  patch -p0 <<'@@ .'
  Index: openpkg-web/security/OpenPKG-SA-2003.007-wget.txt
  ============================================================================
  $ cvs diff -u -r1.2 -r1.3 OpenPKG-SA-2003.007-wget.txt
  --- openpkg-web/security/OpenPKG-SA-2003.007-wget.txt 23 Jan 2003 14:08:02 -0000     
 1.2
  +++ openpkg-web/security/OpenPKG-SA-2003.007-wget.txt 23 Jan 2003 14:35:25 -0000     
 1.3
  @@ -1,3 +1,6 @@
  +-----BEGIN PGP SIGNED MESSAGE-----
  +Hash: SHA1
  +
   ________________________________________________________________________
   
   OpenPKG Security Advisory                            The OpenPKG Project
  @@ -20,10 +23,11 @@
   Description:
     According to research done by Steve Christey [0], directory traversal
     vulnerabilities exist in many FTP clients including wget [1].
  -  Resolution of this issue was handled primarily through Mark Cox of Red
  -  Hat whose patches were incorporated into the wget 1.8.2 HEAD
  -  development branch.  The Common Vulnerabilities and Exposures (CVE)
  -  project assigned the id CAN-2002-1344 [2] to the problem.
  +  Resolution of this issue was handled primarily through Mark Cox of
  +  Red Hat whose patches were incorporated into the wget 1.8.2 HEAD
  +  development branch of the vendor. The Common Vulnerabilities and
  +  Exposures (CVE) project assigned the id CAN-2002-1344 [2] to the
  +  problem.
   
     Please check whether you are affected by running "<prefix>/bin/rpm -q
     wget". If you have the "wget" package installed and its version is
  @@ -70,3 +74,10 @@
   the command "gpg --verify --keyserver keyserver.pgp.com".
   ________________________________________________________________________
   
  +-----BEGIN PGP SIGNATURE-----
  +Comment: OpenPKG <[EMAIL PROTECTED]>
  +
  +iD8DBQE+L/1tgHWT4GPEy58RAkSaAKCFkDghupTl/uAchoMWTLOfbhx6/QCcD08v
  +9+6wRt4YmmvQUQBcpstM2vM=
  +=/Zek
  +-----END PGP SIGNATURE-----
  @@ .
______________________________________________________________________
The OpenPKG Project                                    www.openpkg.org
CVS Repository Commit List                     [EMAIL PROTECTED]

Reply via email to