Bug 41662 - wget: minor issues (4.1)
Status: CLOSED FIXED
Product: UCS
Classification: Unclassified
Component: Security updates
Version: UCS 4.1
Hardware: Other Linux
Importance: P5 normal
Target Milestone: UCS 4.1-4-errata
Assigned To: Arvid Requate
QA Contact: Jürn Brodersen
Depends on:
Blocks: 45179
Reported: 2016-06-27 12:48 CEST by Arvid Requate
Modified: 2017-08-16 13:34 CEST (History)

See Also:
What kind of report is it?: Security Issue
What type of bug is this?: ---
Who will be affected by this bug?: ---
How will those affected feel about the bug?: ---
User Pain:
Enterprise Customer affected?:
School Customer affected?:
ISV affected?:
Waiting Support:
Flags outvoted (downgraded) after PO Review:
Ticket number:
Bug group (optional): Security
Max CVSS v3 score: 6.1 (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N)
requate: Patch_Available+


Description Arvid Requate univentionstaff 2016-06-27 12:48:41 CEST
Minor issue in wget:

* Lack of filename checking allows arbitrary file upload via FTP redirect (CVE-2016-4971)
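The filename issue behind CVE-2016-4971, as an added illustration that is not part of this bug or of wget's own code: wget 1.17 and earlier derived the local file name from the URL it finally fetched, so an HTTP server that redirects to an FTP URL chooses what gets written into the working directory. The model below is constructed (the hosts, the redirect table and the option name `trust_server_names`, which mirrors wget's `--trust-server-names` switch, are assumptions for the example) and contrasts the pre-fix and post-fix naming rules.

```python
import posixpath
from urllib.parse import urlsplit

# Constructed scenario (not from the bug report): the user asks for a PDF over
# HTTP and the server answers with a redirect to an FTP URL on an attacker host.
REQUESTED_URL = "http://files.example.net/report.pdf"
REDIRECT_TABLE = {
    "http://files.example.net/report.pdf": "ftp://attacker.example/pub/.bash_profile",
}


def follow_redirects(url, table, limit=20):
    """Return the final URL after walking the constructed redirect table."""
    hops = 0
    while url in table:
        url = table[url]
        hops += 1
        if hops > limit:
            raise RuntimeError("too many redirects")
    return url


def basename_of(url):
    """Last path segment of a URL; fall back to index.html for '', '.' or '..'."""
    name = posixpath.basename(urlsplit(url).path)
    return name if name not in ("", ".", "..") else "index.html"


def local_filename_vulnerable(requested, final):
    """Pre-fix rule: name the file after the URL that was actually fetched, so
    the redirect target (here an FTP URL) picks the name written into the cwd."""
    return basename_of(final)


def local_filename_fixed(requested, final, trust_server_names=False):
    """Post-fix rule: name the file after the URL the user typed unless the
    user explicitly opted in to server-chosen names."""
    return basename_of(final if trust_server_names else requested)


if __name__ == "__main__":
    final = follow_redirects(REQUESTED_URL, REDIRECT_TABLE)
    print("fetched from     :", final)
    print("vulnerable name  :", local_filename_vulnerable(REQUESTED_URL, final))
    print("fixed name       :", local_filename_fixed(REQUESTED_URL, final))
```

Run with wget's working directory set to a home directory and the difference is the whole bug: the first rule drops an attacker-named dotfile next to the user's shell configuration, the second keeps writing report.pdf.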
Comment 1 Arvid Requate univentionstaff 2016-10-04 20:16:16 CEST
* Race condition in wget 1.17 and earlier, when used in recursive or mirroring mode to download a single file, might allow remote servers to bypass intended access list restrictions by keeping an HTTP connection open (CVE-2016-7098)
Comment 2 Arvid Requate univentionstaff 2017-03-09 13:20:01 CET
Upstream Debian package version 1.13.4-3+deb7u4 fixes this issue:

* CRLF injection vulnerability in the url_parse function in url.c in Wget through 1.19.1 allows remote attackers to inject arbitrary HTTP headers via CRLF sequences in the host subcomponent of a URL (CVE-2017-6508)


CVE-2016-4971 has been fixed in 1.13.4-3+deb7u3.

CVE-2016-7098 will probably not get fixed (CVSS: 2.6 AV:N/AC:H/Au:N/C:N/I:P/A:N)
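The CRLF injection described for CVE-2017-6508, as an added example that is neither wget's url.c nor code from this bug: a URL splitter that copies the host subcomponent into the `Host:` header byte for byte lets a host containing CR LF terminate the header and append one of the attacker's choosing. The parser here is a deliberately minimal stand-in for url_parse (the regular expression, the `example-client` user agent and the sample URLs are constructed for the example); the hardened variant rejects any control character in the host, which is the shape of the upstream fix. Python's own `urllib.parse.urlsplit` is not used because recent releases silently strip CR, LF and TAB from URLs, which would hide the injection.

```python
import re


class UrlParseError(ValueError):
    """Raised for URLs the parser refuses, mirroring url_parse's error codes."""


# Minimal scheme://authority[/path] splitter; DOTALL so CR/LF inside the
# authority is accepted exactly as an unchecked parser would accept it.
_URL_RE = re.compile(r"^(?P<scheme>[a-z]+)://(?P<authority>[^/]*)(?P<path>/.*)?$", re.DOTALL)
_AUTHORITY_RE = re.compile(r"^(?P<host>.*?)(?::(?P<port>\d+))?$", re.DOTALL)


def parse_url_vulnerable(url):
    """Split a URL without validating the host bytes (the pre-fix behaviour)."""
    m = _URL_RE.match(url)
    if not m:
        raise UrlParseError("malformed URL")
    a = _AUTHORITY_RE.match(m.group("authority"))
    return {
        "scheme": m.group("scheme"),
        "host": a.group("host"),
        "port": int(a.group("port")) if a.group("port") else None,
        "path": m.group("path") or "/",
    }


def parse_url_fixed(url):
    """Same split, but refuse any ASCII control character in the host."""
    parsed = parse_url_vulnerable(url)
    if any(ord(c) < 0x20 or ord(c) == 0x7F for c in parsed["host"]):
        raise UrlParseError("invalid host name: control character")
    return parsed


def build_request(parsed):
    """Serialise a GET request the way a naive client does: host goes in verbatim."""
    host_header = parsed["host"] + (f":{parsed['port']}" if parsed["port"] else "")
    return (
        f"GET {parsed['path']} HTTP/1.1\r\n"
        f"Host: {host_header}\r\n"
        f"User-Agent: example-client\r\n\r\n"
    )


def request_header_names(request):
    """Header field names found in the serialised request (excluding the request line)."""
    head = request.partition("\r\n\r\n")[0]
    return [line.split(":", 1)[0] for line in head.split("\r\n")[1:]]


def parses_ok(parser, url):
    """True if the parser accepts the URL, False if it raises UrlParseError."""
    try:
        parser(url)
        return True
    except UrlParseError:
        return False


# Constructed attacker input: a literal CR LF inside the host subcomponent.
INJECTED_URL = "http://example.com\r\nX-Injected: 1/index.html"
CLEAN_URL = "http://example.com:8080/index.html"

if __name__ == "__main__":
    print(build_request(parse_url_vulnerable(INJECTED_URL)).encode())
    print("fixed parser accepts injected URL:", parses_ok(parse_url_fixed, INJECTED_URL))
```

The printed request shows `X-Injected: 1` arriving at the server as a separate header line; with the control-character check the URL never reaches request construction at all.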
Comment 3 Arvid Requate univentionstaff 2017-08-10 15:00:45 CEST
repo_admin.py -U -d wheezy -r 4.1 -s errata4.1-4 -p wget
b41-scope errata4.1-4 wget

Advisory: wget.yaml
Comment 4 Jürn Brodersen univentionstaff 2017-08-11 12:21:33 CEST
Looks good
What I tested:
wget univention.de -> works -> OK
changelog -> OK
YAML -> OK

Verified
Comment 5 Erik Damrose univentionstaff 2017-08-16 13:34:09 CEST
<http://errata.software-univention.de/ucs/4.1/451.html>