Synopsis: Moderate: wget security and bug fix update
Advisory ID: SLSA-2016:2587-2
Issue Date: 2016-11-03
CVE Numbers: CVE-2016-4971
—
Security Fix(es):
* It was found that wget used a file name provided by the server for the
downloaded file when following an HTTP redirect to a FTP server resource.
This could cause wget to create a file with a different name than
expected, possibly allowing the server to execute arbitrary code on the
client. (CVE-2016-4971)
—
SL7
x86_64
wget-1.14-13.el7.x86_64.rpm
wget-debuginfo-1.14-13.el7.x86_64.rpm
– Scientific Linux Development Team
