Alerts This Week
Warning Icon 1 687
Alerts This Week
Warning Icon 1 687

openSUSE: wget2 Important Buffer Overflow Fixes CVE-2025-69194 2026:0010-1

opensuse
Calendar Grey January 12, 2026
Dist Opensuse Esm H88
An important update is available for openSUSE to fix multiple issues in wget2, including critical buffer overflows.
An update that fixes two vulnerabilities is now available.

Description

This update for wget2 fixes the following issues:

- Update to release 2.2.1

* Fix file overwrite issue with metalink [CVE-2025-69194 bsc#1255728]

* Fix remote buffer overflow in get_local_filename_real()

[CVE-2025-69195 bsc#1255729]

* Fix a redirect/mirror regression from 400713ca

* Use the local system timestamp when requested via

--no-use-server-timestamps

* Prevent file truncation with --no-clobber

* Improve messages about why URLs are not being followed

* Fix metalink with -O/--output-document

* Fix sorting of metalink mirrors by priority

* Add --show-progress to improve backwards compatibility to wget

* Fix buffer overflow in wget_iri_clone() after wget_iri_set_scheme()

* Allow 'no_' prefix in config options

* Use libnghttp2 for HTTP/2 testing

* Set exit status to 8 on 403 response code

* Fix convert-links

* Fix --server-response for HTTP/1.1

- Update to release 2.2.0

* Don't...

Read the Full Advisory

Topics%20covered

Topics Covered

security advisory buffer overflow file overwrite important OpenSUSE wget2

Patch

Patch Instructions:

To install this openSUSE Security Update use the SUSE recommended installation methods

like YaST online_update or "zypper patch".

Alternatively you can run the command listed for your product:

- openSUSE Backports SLE-15-SP6:

zypper in -t patch openSUSE-2026-10=1

Package List

- openSUSE Backports SLE-15-SP6 (aarch64 i586 ppc64le s390x x86_64):

libwget4-2.2.1-bp156.2.3.1

wget2-2.2.1-bp156.2.3.1

wget2-devel-2.2.1-bp156.2.3.1

References

https://www.suse.com/security/cve/CVE-2025-69194.html

https://www.suse.com/security/cve/CVE-2025-69195.html

https://bugzilla.suse.com/1255728

https://bugzilla.suse.com/1255729

Severity
important
Lowest
Low
Medium
High
Critical

Announcement ID: openSUSE-SU-2026:0010-1
Rating: important
Affected Products: openSUSE Backports SLE-15-SP6

Topics%20covered

Topics Covered

security advisory buffer overflow file overwrite important OpenSUSE wget2

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Related News

Your message here