[El-errata] ELSA-2016-2587 Moderate: Oracle Linux 7 wget security and bug fix update

Errata Announcements for Oracle Linux el-errata at oss.oracle.com
Thu Nov 10 11:11:14 PST 2016


Oracle Linux Security Advisory ELSA-2016-2587

http://linux.oracle.com/errata/ELSA-2016-2587.html

The following updated rpms for Oracle Linux 7 have been uploaded to the 
Unbreakable Linux Network:

x86_64:
wget-1.14-13.el7.x86_64.rpm


SRPMS:
http://oss.oracle.com/ol7/SRPMS-updates/wget-1.14-13.el7.src.rpm



Description of changes:

[1.14-13]
- Fix CVE-2016-4971 (#1345778)
- Added support for non-ASCII URLs (Related: CVE-2016-4971)

[1.14-12]
- Fix wget to include Host header on CONNECT as required by HTTP 1.1 
(#1203384)
- Run internal test suite during build (#1295846)
- Fix -nv being documented as synonym for two options (#1147572)

[1.14-11]
- Fix CVE-2014-4877 wget: FTP symlink arbitrary filesystem access (#1156136)





More information about the El-errata mailing list