| Description: | The wget packages provide the GNU Wget file retrieval utility for HTTP, HTTPS, and FTP protocols.
Security Fix(es):
A stack-based and a heap-based buffer overflow flaws were found in wget when processing chunked encoded HTTP responses. By tricking an unsuspecting user into connecting to a malicious HTTP server, an attacker could exploit these flaws to potentially execute arbitrary code. (CVE-2017-13089, CVE-2017-13090)
Red Hat would like to thank the GNU Wget project for reporting these issues.
|