wget 1.15-1ubuntu1.14.04.3 source package in Ubuntu

Changelog

wget (1.15-1ubuntu1.14.04.3) trusty-security; urgency=medium

  * SECURITY UPDATE: race condition leading to access list bypass
    - debian/patches/CVE-2016-7098-1.patch: limit file mode in src/http.c.
    - debian/patches/CVE-2016-7098-2.patch: add .tmp to temp files in
      src/http.c.
    - debian/patches/CVE-2016-7098-3.patch: replace asprintf by aprint in
      src/http.c.
    - CVE-2016-7098
  * SECURITY UPDATE: CRLF injection in url_parse
    - debian/patches/CVE-2017-6508.patch: check for invalid control
      characters in src/url.c.
    - CVE-2017-6508
  * SECURITY UPDATE: stack overflow in HTTP protocol handling
    - debian/patches/CVE-2017-13089.patch: return error on negative chunk
      size in src/http.c.
    - CVE-2017-13089
  * SECURITY UPDATE: heap overflow in HTTP protocol handling
    - debian/patches/CVE-2017-13090.patch: stop processing on negative
      chunk size in src/retr.c.
    - CVE-2017-13090

 -- Marc Deslauriers <email address hidden>  Mon, 23 Oct 2017 15:39:58 -0400

Upload details

Uploaded by:
Marc Deslauriers on 2017-10-24
Uploaded to:
Trusty
Original maintainer:
Ubuntu Developers
Architectures:
any
Section:
web
Urgency:
Medium Urgency

See full publishing history Publishing

Series Pocket Published Component Section

Downloads

File Size SHA-256 Checksum
wget_1.15.orig.tar.gz 3.3 MiB 52126be8cf1bddd7536886e74c053ad7d0ed2aa89b4b630f76785bac21695fcd
wget_1.15-1ubuntu1.14.04.3.debian.tar.gz 30.8 KiB c0ee9bf16959bc2f5ecfa94216ada0b0e5a34971a0501074e70e019ade6a6319
wget_1.15-1ubuntu1.14.04.3.dsc 1.9 KiB adabab3126e8fb6bb732d831b10e32791b3ff75b93fe497116b194d15937510b

View changes file

Binary packages built by this source

wget: retrieves files from the web

 Wget is a network utility to retrieve files from the web
 using HTTP(S) and FTP, the two most widely used internet
 protocols. It works non-interactively, so it will work in
 the background, after having logged off. The program supports
 recursive retrieval of web-authoring pages as well as FTP
 sites -- you can use Wget to make mirrors of archives and
 home pages or to travel the web like a WWW robot.
 .
 Wget works particularly well with slow or unstable connections
 by continuing to retrieve a document until the document is fully
 downloaded. Re-getting files from where it left off works on
 servers (both HTTP and FTP) that support it. Both HTTP and FTP
 retrievals can be time stamped, so Wget can see if the remote
 file has changed since the last retrieval and automatically
 retrieve the new version if it has.
 .
 Wget supports proxy servers; this can lighten the network load,
 speed up retrieval, and provide access behind firewalls.

wget-dbgsym: debug symbols for package wget

 Wget is a network utility to retrieve files from the web
 using HTTP(S) and FTP, the two most widely used internet
 protocols. It works non-interactively, so it will work in
 the background, after having logged off. The program supports
 recursive retrieval of web-authoring pages as well as FTP
 sites -- you can use Wget to make mirrors of archives and
 home pages or to travel the web like a WWW robot.
 .
 Wget works particularly well with slow or unstable connections
 by continuing to retrieve a document until the document is fully
 downloaded. Re-getting files from where it left off works on
 servers (both HTTP and FTP) that support it. Both HTTP and FTP
 retrievals can be time stamped, so Wget can see if the remote
 file has changed since the last retrieval and automatically
 retrieve the new version if it has.
 .
 Wget supports proxy servers; this can lighten the network load,
 speed up retrieval, and provide access behind firewalls.

wget-udeb: retrieves files from the web

 This package provides wget.gnu binary as alternative to the limited
 implementation in busybox (see for example ssl support).

wget-udeb-dbgsym: debug symbols for package wget-udeb

 This package provides wget.gnu binary as alternative to the limited
 implementation in busybox (see for example ssl support).