[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[cobalt-security] Should we upgrade wget?

Subject: [cobalt-security] Should we upgrade wget?
From: "Jelmer Jellema" <lists@xxxxxxxxxxxxxxx>
Date: Thu, 12 Dec 2002 15:47:58 +0100
Organization: Spin in het Web (www.spininhetweb.nl)
List-id: Mailing list for users to address network security on Cobalt products. <cobalt-security.list.cobalt.com>

Hi,

I just read a message in redhat-announce
(http://rhn.redhat.com/errata/RHSA-2002-229.html) about wget versions <
1.8.2-4.

I did not read anything about this on this list (or I did not pay attention,
which is true either way). The message says:

---------
3. Problem description:

Versions of wget prior to 1.8.2-4 contain a bug that permits a malicious
FTP server to create or overwrite files anywhere on the local file system.
-----

On my RaQ-4, I have wget 1.5.3, right from the wget-1.5.3-6 rpm. So I feel
like just updating the rpm. But because maybe this will break my sun-given
configuration, it might be either a bad, or a very good idea.

Any suggestions?

Regards,
Jelmer

Follow-Ups:
- Re: [cobalt-security] Should we upgrade wget?
  - From: Harald Kapper

Prev by Date: Re: [cobalt-security] RaQ3 Patches
Next by Date: Re: [cobalt-security] Should we upgrade wget?
Previous by thread: Re: [cobalt-security] RaQ3 Patches - re-post
Next by thread: Re: [cobalt-security] Should we upgrade wget?

Sun Cobalt Security Message Index

Sun Cobalt Security Thread Index