Bug 210420

Summary: security/vuxml: Security Vulnerability in wget (CVE-2016-4971)
Product: Ports & Packages Reporter: VK <vlad-fbsd>
Component: Individual Port(s)Assignee: Ports Security Team <ports-secteam>
Status: Closed FIXED    
Severity: Affects Many People CC: junovitch, vd
Priority: Normal Keywords: easy, patch, patch-ready, security
Version: LatestFlags: bugzilla: maintainer-feedback? (ports-secteam)
Hardware: Any   
OS: Any   
URL: http://lists.gnu.org/archive/html/info-gnu/2016-06/msg00004.html
See Also: https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=210421
Attachments:
Description Flags
Patch VuXML for wget vuln announcement CVE-2016-4971 none

Description VK 2016-06-20 23:14:38 UTC 
Created attachment 171627 [details]
Patch VuXML for wget vuln announcement CVE-2016-4971

HTTP to a FTP redirection file name confusion vulnerability in wget.

On a server redirect from HTTP to a FTP resource, wget would trust the
HTTP server and uses the name in the redirected URL as the destination
filename.

* Upstream Announcement (part of 1.18 release announcement):
  http://lists.gnu.org/archive/html/info-gnu/2016-06/msg00004.html

* Upstream commit that fixes it:
  http://git.savannah.gnu.org/cgit/wget.git/commit/?id=e996e322ffd42aaa051602da182d03178d0f13e1
Comment 1 commit-hook freebsd_committer freebsd_triage 2016-06-21 08:17:27 UTC 
A commit references this bug:

Author: vd
Date: Tue Jun 21 08:16:47 UTC 2016
New revision: 417190
URL: https://svnweb.freebsd.org/changeset/ports/417190

Log:
  Document ftp/wget's HTTP to FTP redirection file name confusion vulnerability

  PR:		210420
  Submitted by:	Vladimir Krstulja <vlad-fbsd@acheronmedia.com>
  Security:	CVE-2016-4971

Changes:
  head/security/vuxml/vuln.xml
Comment 2 Vasil Dimov freebsd_committer freebsd_triage 2016-06-21 08:20:52 UTC 
Committed, thanks!