Viewing all changes in revision 17.
- Committer: Bazaar Package Importer
- Date: 2010-09-03 09:19:11 UTC
- Revision ID: james.westby@ubuntu.com-20100903091911-pljaqvlu7jknguls
* SECURITY UPDATE: arbitrary file overwrite via 3xx redirect
- debian/patches/CVE-2010-2252.dpatch: don't use server names in
doc/wget.texi, src/{http.*,init.c,main.c,options.h,retr.c}.
- This update changes previous behaviour by ignoring the filename
supplied by the server during redirects. To re-enable previous
behaviour, see the new --trust-server-names option.
- CVE-2010-2252
- debian/patches/CVE-2010-2252.dpatch: don't use server names in
doc/wget.texi, src/{http.*,init.c,main.c,options.h,retr.c}.
- This update changes previous behaviour by ignoring the filename
supplied by the server during redirects. To re-enable previous
behaviour, see the new --trust-server-names option.
- CVE-2010-2252
- files added:
- debian/patches/CVE-2010-2252.dpatch
- files modified:
- debian/changelog
expand all
collapse all
added
removed
