This is an automated email from the git hooks/post-receive script. It was generated because a ref change was pushed to the repository containing the project "IPFire 2.x development tree".
The branch, next has been updated via a016c0ce6a1daa791353c8bb54383fb9b71be6ef (commit) from 7dadc138292897979fd7b42dcaae3ea19f24dae0 (commit)
Those revisions listed above that are new to this repository have not appeared on any other notification email; so we list those revisions in full, below.
- Log ----------------------------------------------------------------- commit a016c0ce6a1daa791353c8bb54383fb9b71be6ef Author: Michael Tremer michael.tremer@ipfire.org Date: Sun Oct 29 18:33:03 2017 +0000
wget: Update to 1.19.2
Fixes CVE-2017-13089
A stack-based buffer overflow when processing chunked, encoded HTTP responses was found in wget. By tricking an unsuspecting user into connecting to a malicious HTTP server, an attacker could exploit this flaw to potentially execute arbitrary code.
Signed-off-by: Michael Tremer michael.tremer@ipfire.org
-----------------------------------------------------------------------
Summary of changes: lfs/wget | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-)
Difference in files: diff --git a/lfs/wget b/lfs/wget index 8d3d13c..2c750bf 100644 --- a/lfs/wget +++ b/lfs/wget @@ -24,7 +24,7 @@
include Config
-VER = 1.19.1 +VER = 1.19.2
THISAPP = wget-$(VER) DL_FILE = $(THISAPP).tar.xz @@ -40,7 +40,7 @@ objects = $(DL_FILE)
$(DL_FILE) = $(DL_FROM)/$(DL_FILE)
-$(DL_FILE)_MD5 = d30d82186b93fcabb4116ff513bfa9bd +$(DL_FILE)_MD5 = caabf9727fa429626316619a6369fffa
install : $(TARGET)
hooks/post-receive -- IPFire 2.x development tree