MGASA-2017-0104

See a problem?
Please try reporting it to the source first.

Source

https://advisories.mageia.org/MGASA-2017-0104.html

Import Source

https://advisories.mageia.org/MGASA-2017-0104.json

JSON Data

https://api.osv.dev/v1/vulns/MGASA-2017-0104

Related

CVE-2017-6508

Published

2017-04-04T06:44:05Z

Modified

2017-04-04T06:31:57Z

Summary

Updated wget packages fix security vulnerability

Details

Wget up untill version 1.19.1 does not ensure control characters are not used in the hostname part of a url. This security update rejects control characters in host part of a url.

References

https://advisories.mageia.org/MGASA-2017-0104.html
https://bugs.mageia.org/show_bug.cgi?id=20613
https://lists.opensuse.org/opensuse-updates/2017-03/msg00113.html
http://lists.gnu.org/archive/html/bug-wget/2017-03/msg00018.html

Credits

- Mageia - COORDINATOR
- - https://wiki.mageia.org/en/Packages_Security_Team

Affected packages

Mageia:5 / wget

Package

Name: wget
Purl: pkg:rpm/mageia/wget?distro=mageia-5

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

1.15-5.2.mga5

Ecosystem specific

{
    "section": "core"
}