[SECURITY] [DLA 1149-1] wget security update

To: debian-lts-announce@lists.debian.org
Subject: [SECURITY] [DLA 1149-1] wget security update
From: Thorsten Alteholz <debian@alteholz.de>
Date: Fri, 27 Oct 2017 23:26:10 +0200 (CEST)
Message-id: <[🔎] alpine.DEB.2.02.1710272322560.5990@jupiter.server.alteholz.net>
Mail-followup-to: debian-lts@lists.debian.org
Reply-to: debian-lts@lists.debian.org

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Package        : wget
Version        : 1.13.4-3+deb7u5
CVE ID         : CVE-2017-13089 CVE-2017-13090

CVE-2017-13089
     Fix stack overflow in HTTP protocol handling.

CVE-2017-13090
     Fix heap overflow in HTTP protocol handling.


For Debian 7 "Wheezy", these problems have been fixed in version
1.13.4-3+deb7u5.

We recommend that you upgrade your wget packages.

Further information about Debian LTS security advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://wiki.debian.org/LTS

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.12 (GNU/Linux)

iQJ8BAEBCgBmBQJZ86RyXxSAAAAAAC4AKGlzc3Vlci1mcHJAbm90YXRpb25zLm9w
ZW5wZ3AuZmlmdGhob3JzZW1hbi5uZXQ2MjAxRkJGRkRCQkRFMDc4MjJFQUJCOTY5
NkZDQUMwRDM4N0I1ODQ3AAoJEJb8rA04e1hHVZEP/Ai+ObP+wh5a9JUTVD7EFM4a
l26yGWQbz6LPuxB6cVk0+KpiN7T78GQh04FDlBIuVoPWJsAwvCgJ/2zv+qnX+Vqi
sFAdlbNQxMSW94wzxOGS7OVlYylEqDhRJwQQlNqCesRdm/XfpPQPn1sgTOpMqPf7
JJEhcKDgobnJYGu/LorM/equb/UFa6ioKlsTxdlMa/DXffV9DRDkPcAFHdBpkRmy
tTltWD6usf8wENX1Le3KCRto5pakEItpwHeFBa6THsmHDO+p2Phw2u1qaL+Uz7K0
AeVYRv6QRly/wZkfq0z1ZrMW5b+emgxmu72L0/NEyLU+3hhTSp9YgtIR2diCUaS+
NXCV02054jWwi/jc8cEyfpNh9tCaCJ4sGLU5qJ2l9Js9x266RCsItG7//3sXN7rP
JeMEf52pCOodcjTSu2q7fLsFP5WSspO3NVhaNXKlNCNkEKATgqo0NglKfNN7rB5A
IdBuiLqDHsq0Ou3RKNVEZjWorYUwnX1jmDP/6oL3lyKtH+hsJ+zP1VGGoebuIS1v
rm7uJbbyQ1Ysj95uhdRZa91aP3aZ6853e7cyQCq1xdOp40GmCN99mCE8M3ATtfb/
FXqinLcIDxFdWFIRmbsbRX7pMcvtJ2JLWSqcrA7Bd+4jLw9KUPePS1IHqC3wJ/eD
Fy2lWJjf9lBjSZoOfqVK
=WALr
-----END PGP SIGNATURE-----

Reply to:

Prev by Date: [SECURITY] [DLA 1148-1] golang security update
Next by Date: [SECURITY] [DLA 1150-1] wpa security update
Previous by thread: [SECURITY] [DLA 1148-1] golang security update
Next by thread: [SECURITY] [DLA 1150-1] wpa security update
Index(es):
- Date
- Thread