Re: [Bug-wget] wget bug

bug-wget

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Bug-wget] wget bug

From:	Ángel González
Subject:	Re: [Bug-wget] wget bug
Date:	Fri, 18 Sep 2015 01:44:03 +0200
User-agent:	Thunderbird

On 18/09/15 01:30, Johnny Chin wrote:

Thank you for that flag.  I was unaware of that.
Can that flag be set as default in the wgetrc?
I have users that used the old wget to get files from our servers thatneeds it.

Yes, you can set |trust-server-names| in |~/.wgetrc| *but* you arereintroducing CVE-2010-2252.

It would be much better if they explicitely provided the flag (only whenneeded) or a filename:

 wget http://downloads.malwarebytes.org/file/mbam/ -O latest-mbam-setup.exe

Also note, they can rename index.html to mbam-setup.exe

[Prev in Thread]

Current Thread

[Next in Thread]

Re: [Bug-wget] wget bug, Johnny Chin, 2015/09/17
- Re: [Bug-wget] wget bug, Ángel González, 2015/09/17
  - Re: [Bug-wget] wget bug, Johnny Chin, 2015/09/17
    - Re: [Bug-wget] wget bug, Johnny Chin, 2015/09/17
    - Re: [Bug-wget] wget bug, Ángel González <=
    - Re: [Bug-wget] wget bug, Johnny Chin, 2015/09/17

Prev by Date: [Bug-wget] [bug #45992] wget not properly following redirects
Next by Date: Re: [Bug-wget] wget bug
Previous by thread: Re: [Bug-wget] wget bug
Next by thread: Re: [Bug-wget] wget bug
Index(es):
- Date
- Thread