Bug 210420 - security/vuxml: Security Vulnerability in wget (CVE-2016-4971)
Summary: security/vuxml: Security Vulnerability in wget (CVE-2016-4971)
Status: Closed FIXED
Alias: None
Product: Ports & Packages
Classification: Unclassified
Component: Individual Port(s)
Version: Latest
Hardware: Any Any
Importance: Normal Affects Many People
Assignee: Ports Security Team
URL: http://lists.gnu.org/archive/html/inf...
Keywords: easy, patch, patch-ready, security
Reported: 2016-06-20 23:14 UTC by VK
Modified: 2016-06-21 08:20 UTC (History)
bugzilla: maintainer-feedback? (ports-secteam)


Attachments
Patch VuXML for wget vuln announcement CVE-2016-4971 (1.38 KB, patch)
2016-06-20 23:14 UTC, VK

Description VK freebsd_triage 2016-06-20 23:14:38 UTC
Created attachment 171627
Patch VuXML for wget vuln announcement CVE-2016-4971

HTTP to an FTP redirection file name confusion vulnerability in wget.

On a server redirect from HTTP to an FTP resource, wget would trust the
HTTP server and use the name in the redirected URL as the destination
filename.

* Upstream Announcement (part of 1.18 release announcement):
  http://lists.gnu.org/archive/html/info-gnu/2016-06/msg00004.html

* Upstream commit that fixes it:
  http://git.savannah.gnu.org/cgit/wget.git/commit/?id=e996e322ffd42aaa051602da182d03178d0f13e1
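
The naming behaviour described in this report, modelled next to a hardened rule, as an added example that is not part of the original report and is not wget's code. The function names, the sample URLs and the hardened rule itself (keep the name from the requested URL unless the user opts in to server-supplied names) are assumptions made for illustration.

```python
import posixpath
from urllib.parse import unquote, urlsplit


def url_basename(url, default="index.html"):
    """Last path segment of a URL, used as the local file name candidate."""
    name = posixpath.basename(unquote(urlsplit(url).path))
    return name or default


def destination_name(requested_url, redirect_chain, patched=True,
                     trust_server_names=False):
    """Choose the local file name for a download that may have been redirected.

    patched=False models the behaviour in the report: after an HTTP -> FTP
    redirect the name is taken from the redirected URL.
    patched=True models an assumed hardened rule: the name comes from the URL
    the user asked for, unless they explicitly trust server-supplied names.
    """
    final_url = redirect_chain[-1] if redirect_chain else requested_url
    crossed_to_ftp = (urlsplit(requested_url).scheme in ("http", "https")
                      and urlsplit(final_url).scheme == "ftp")
    if crossed_to_ftp and not patched:
        return url_basename(final_url)
    if trust_server_names:
        return url_basename(final_url)
    return url_basename(requested_url)


def audit_redirect(requested_url, redirect_chain):
    """Report whether a redirect would change the saved name on unpatched logic."""
    if not redirect_chain:
        return None
    old = destination_name(requested_url, redirect_chain, patched=False)
    new = destination_name(requested_url, redirect_chain, patched=True)
    return {"requested": requested_url, "final": redirect_chain[-1],
            "unpatched_name": old, "patched_name": new,
            "name_confusion": old != new}


if __name__ == "__main__":
    # Constructed sample: an HTTP request answered with a redirect to FTP.
    print(audit_redirect("http://mirror.example/pkg/release.tar.gz",
                         ["ftp://ftp.example/pub/unexpected.bin"]))
```
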
Comment 1 commit-hook freebsd_committer 2016-06-21 08:17:27 UTC
A commit references this bug:

Author: vd
Date: Tue Jun 21 08:16:47 UTC 2016
New revision: 417190
URL: https://svnweb.freebsd.org/changeset/ports/417190

Log:
  Document ftp/wget's HTTP to FTP redirection file name confusion vulnerability

  PR:		210420
  Submitted by:	Vladimir Krstulja <vlad-fbsd@acheronmedia.com>
  Security:	CVE-2016-4971

Changes:
  head/security/vuxml/vuln.xml
Comment 2 Vasil Dimov freebsd_committer 2016-06-21 08:20:52 UTC
Committed, thanks!