Bug 210420

Summary: security/vuxml: Security Vulnerability in wget (CVE-2016-4971)
Product: Ports & Packages
Reporter: VK <vlad-fbsd>
Component: Individual Port(s)
Assignee: Ports Security Team <ports-secteam>
Status: Closed FIXED
Severity: Affects Many People
CC: junovitch, vd
Priority: Normal
Keywords: easy, patch, patch-ready, security
Version: Latest
Flags: bugzilla: maintainer-feedback? (ports-secteam)
Hardware: Any
OS: Any
URL: http://lists.gnu.org/archive/html/info-gnu/2016-06/msg00004.html
See Also: https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=210421
Attachments:
  Patch VuXML for wget vuln announcement CVE-2016-4971 (flags: none)

Description VK freebsd_triage 2016-06-20 23:14:38 UTC
Created attachment 171627
Patch VuXML for wget vuln announcement CVE-2016-4971

HTTP to an FTP redirection file name confusion vulnerability in wget.

On a server redirect from HTTP to an FTP resource, wget would trust the
HTTP server and use the name in the redirected URL as the destination
filename.

* Upstream Announcement (part of 1.18 release announcement):
  http://lists.gnu.org/archive/html/info-gnu/2016-06/msg00004.html

* Upstream commit that fixes it:
  http://git.savannah.gnu.org/cgit/wget.git/commit/?id=e996e322ffd42aaa051602da182d03178d0f13e1
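
Added example (not part of the report and not wget's code): a simplified Python model of the file name choice described above, next to a hardened variant that keeps the name from the requested URL, plus a check for redirects that would change the saved name. The function names, the `trust_redirect_name` parameter and the sample URLs are assumptions constructed for this illustration.

```python
import posixpath
from urllib.parse import unquote, urlsplit


def url_basename(url, default="index.html"):
    """Last path component of a URL, decoded, as a local file name."""
    name = posixpath.basename(unquote(urlsplit(url).path))
    # Never let "", "." or ".." become the target name.
    return default if name in ("", ".", "..") else name


def is_http_to_ftp(requested_url, redirect_url):
    """True when an HTTP(S) request was redirected to an FTP resource."""
    return (urlsplit(requested_url).scheme.lower() in ("http", "https")
            and urlsplit(redirect_url).scheme.lower() == "ftp")


def name_before_fix(requested_url, redirect_url):
    """Behaviour described in the report: the redirect target names the file."""
    if is_http_to_ftp(requested_url, redirect_url):
        return url_basename(redirect_url)
    return url_basename(requested_url)


def name_hardened(requested_url, redirect_url, trust_redirect_name=False):
    """Keep the name the user asked for unless the caller opts in."""
    if trust_redirect_name:
        return url_basename(redirect_url)
    return url_basename(requested_url)


def redirect_renames_file(requested_url, redirect_url):
    """Detection helper: would following the redirect change the saved name?"""
    return (is_http_to_ftp(requested_url, redirect_url)
            and url_basename(requested_url) != url_basename(redirect_url))


# Constructed sample URLs (not from the bug report).
REQUESTED = "http://downloads.example.org/pub/report.pdf"
REDIRECT = "ftp://mirror.example.net/incoming/other-name.txt"

if __name__ == "__main__":
    print("before fix:", name_before_fix(REQUESTED, REDIRECT))
    print("hardened  :", name_hardened(REQUESTED, REDIRECT))
    print("renamed?  :", redirect_renames_file(REQUESTED, REDIRECT))
```
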
Comment 1 commit-hook freebsd_committer freebsd_triage 2016-06-21 08:17:27 UTC
A commit references this bug:

Author: vd
Date: Tue Jun 21 08:16:47 UTC 2016
New revision: 417190
URL: https://svnweb.freebsd.org/changeset/ports/417190

Log:
  Document ftp/wget's HTTP to FTP redirection file name confusion vulnerability

  PR:		210420
  Submitted by:	Vladimir Krstulja <vlad-fbsd@acheronmedia.com>
  Security:	CVE-2016-4971

Changes:
  head/security/vuxml/vuln.xml
Comment 2 Vasil Dimov freebsd_committer freebsd_triage 2016-06-21 08:20:52 UTC
Committed, thanks!