Fedora 11: FEDORA-2009-11740 Critical Wget SSL Certificate Issue

GNU Wget is a file retrieval utility which can use either the HTTP or

FTP protocols. Wget features include the ability to work in the

background while you are logged out, recursive retrieval of

directories, file name wildcard matching, remote file timestamp

storage and comparison, use of Rest with FTP servers and Range with

HTTP servers to retrieve files over slow or unstable connections,

support for Proxy servers, and configurability.

ChangeLog:

* Wed Nov 18 2009 Karsten Hopp 1.12-2

- don't provide /usr/share/info/dir

* Tue Nov 17 2009 Karsten Hopp 1.12-1

- update to wget-1.12

- fixes CVE-2009-3490 wget: incorrect verification of SSL certificate

with NUL in name

* Fri Aug 21 2009 Tomas Mraz - 1.11.4-5

- rebuilt with new openssl

* Mon Jul 27 2009 Fedora Release Engineering - 1.11.4-4

- Rebuilt for https://fedoraproject.org/wiki/Fedora_12_Mass_Rebuild

References:

[ 1 ] Bug #520454 - CVE-2009-3490 wget: incorrect verification of SSL certificate with NUL in name

https://bugzilla.redhat.com/show_bug.cgi?id=520454

This update can be installed with the "yum" update program. Use

su -c 'yum update wget' at the command line.

For more information, refer to "Managing Software with yum",

available at .

All packages are signed with the Fedora Project GPG key. More details on the

GPG keys used by the Fedora Project can be found at

https://fedoraproject.org/security/

Fedora-package-announce mailing list

Fedora-package-announce@redhat.com

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/