[Oraclevm-errata] OVMSA-2014-0036 Moderate: Oracle VM 3.3 wget security update

Errata Announcements for Oracle VM oraclevm-errata at oss.oracle.com
Tue Nov 4 09:36:40 PST 2014

Oracle VM Security Advisory OVMSA-2014-0036

The following updated rpms for Oracle VM 3.3 have been uploaded to the 
Unbreakable Linux Network:



Description of changes:

- Fix CVE-2014-4877 wget: FTP symlink arbitrary filesystem access (#1156133)

- Fix the parsing of weblink when doing recursive retrieving (#960137)
- Fix errors found by static analysis of source code (#873216)

- Add SNI (Server Name Indication) support (#909604)

- Add --trust-server-names option to fix CVE-2010-2252 (#1062190)

- Fix wget to recognize certificates with alternative names (#736445)

More information about the Oraclevm-errata mailing list