~ubuntu-branches/ubuntu/lucid/wget/lucid-updates

« back to all changes in this revision

Viewing changes to debian/changelog

  • Committer: Package Import Robot
  • Author(s): Marc Deslauriers
  • Date: 2014-10-30 10:10:03 UTC
  • Revision ID: package-import@ubuntu.com-20141030101003-j9dk3c5g3c8b9q9m
Tags: 1.12-1.1ubuntu2.2
* SECURITY UPDATE: remote code execution via absolute path traversal
  vulnerability in FTP
  - debian/patches/CVE-2014-4877.dpatch: don't create local symlinks in
    src/init.c, check for duplicate file nodes in src/ftp.c, updated
    documentation in doc/wget.texi.
  - CVE-2014-4877

Show diffs side-by-side

added added

removed removed

Lines of Context:
 
1
wget (1.12-1.1ubuntu2.2) lucid-security; urgency=medium
 
2
 
 
3
  * SECURITY UPDATE: remote code execution via absolute path traversal
 
4
    vulnerability in FTP
 
5
    - debian/patches/CVE-2014-4877.dpatch: don't create local symlinks in
 
6
      src/init.c, check for duplicate file nodes in src/ftp.c, updated
 
7
      documentation in doc/wget.texi.
 
8
    - CVE-2014-4877
 
9
 
 
10
 -- Marc Deslauriers <marc.deslauriers@ubuntu.com>  Thu, 30 Oct 2014 10:10:03 -0400
 
11
 
1
12
wget (1.12-1.1ubuntu2.1) lucid-security; urgency=low
2
13
 
3
14
  * SECURITY UPDATE: arbitrary file overwrite via 3xx redirect