[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

[SECURITY] [DLA 1760-1] wget security update



-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Package        : wget
Version        : 1.16-1+deb8u6
CVE ID         : CVE-2019-5953


Kusano Kazuhiko discovered a buffer overflow vulnerability in the handling of Internationalized Resource Identifiers (IRI) in wget, a network utility to retrieve files from the web, which could result in the execution of arbitrary code or denial of service when recursively downloading from an untrusted server.


For Debian 8 "Jessie", this problem has been fixed in version
1.16-1+deb8u6.

We recommend that you upgrade your wget packages.

Further information about Debian LTS security advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://wiki.debian.org/LTS









-----BEGIN PGP SIGNATURE-----

iQKTBAEBCgB9FiEEYgH7/9u94Hgi6ruWlvysDTh7WEcFAly+Lc1fFIAAAAAALgAo
aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDYy
MDFGQkZGREJCREUwNzgyMkVBQkI5Njk2RkNBQzBEMzg3QjU4NDcACgkQlvysDTh7
WEdoKw/+NaKUJ816K0yCadl6df6sttPZBRS3kyYh3TqDuen+XH+5uCHbJPg0H/zh
nPG7df39tn2EHX72XEbs0iVAE1aeruSUOp///jGLGjIr1u2ZzmHf9TGmRXX27rSb
qY0BXTunrvD4w3IpbxZi4vVYDl1gCQsOLcpa5XmG0siR2NMOLpXXOYV0aanqS+Si
QVgljGOpRUkL7vf25IyYrkh1wIfdSGKgc00jvlHSc2maF+p6APbGWjqjpNrmjQhC
9Ie4t/Teld67U+0o2NWCAXuYoAo3kH2VgwN4612/jrpnjq4ps1sp8Q7ed5UpFDhY
yaAShX4mhWVNmEJkXnrKUUVenNj6epHmd7Y4PXJfvxmV0+j+ySu3/IZbeU8flWLW
+euOOWkRlyYNvlRdBIh4L/7TxXJ2MrqLiXycFsw3HugrbeAAw5npQR3FSQgttoTd
gf436w754EJsWrogwdJ7sjG0hI9pcDNeMmnWRPO1NZyo8QECCxA2BMyhKDSHEQ2E
dnSy0flCotO/htoYP1zGZ/5MLv12Cmv7pNcuNu348RdE7+XWeDBTvsP0A/mgoKhe
vzES5yXBz606mf0Mi6617T+3xgzjZMA03G7V1+C2natUNITdzQ4ebaMDVDdpd89F
udSpAwIShxCIDB+DRjHWAaszDaQIqG8eXqU7lgT0DYM73FwksT0=
=rz12
-----END PGP SIGNATURE-----


Reply to: