Explore top 10 tips to secure your open-source projects now. Read More
×
Date: Wed, 14 Dec 2016 18:06:26 -0000 Reply-To: scientific-linux-users@ Sender: Security Errata for Scientific LinuxFrom: Scott Reid Subject: Security ERRATA Moderate: wget on SL7.x x86_64 MIME-Version: 1.0 Message-ID: <20161214180626.15410.20833@slpackages.fnal.gov> Synopsis: Moderate: wget security and bug fix update Advisory ID: SLSA-2016:2587-2 Issue Date: 2016-11-03 CVE Numbers: CVE-2016-4971 -- Security Fix(es): * It was found that wget used a file name provided by the server for the downloaded file when following an HTTP redirect to a FTP server resource. This could cause wget to create a file with a different name than expected, possibly allowing the server to execute arbitrary code on the client. (CVE-2016-4971) -- SL7 x86_64 wget-1.14-13.el7.x86_64.rpm wget-debuginfo-1.14-13.el7.x86_64.rpm - Scientific Linux Development Team