bug-wget
[Top][All Lists]
Advanced

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Bug-wget] CVE Request - Gnu Wget 1.17 - Design Error Vulnerability


From: Tim Rühsen
Subject: Re: [Bug-wget] CVE Request - Gnu Wget 1.17 - Design Error Vulnerability
Date: Sun, 14 Aug 2016 21:24:49 +0200
User-agent: KMail/5.2.3 (Linux/4.6.0-1-amd64; KDE/5.23.0; x86_64; ; )

Hi,

here is a patch to limit the file modes to u+rw for temp. downloaded files.

Not sure if your proof of concept still works or not - but it seems a good
thing anyways.

Regards, Tim

Attachment: 0001-Limit-file-mode-to-u-rw-on-temp.-downloaded-files.patch
Description: Text Data

Attachment: signature.asc
Description: This is a digitally signed message part.


reply via email to

[Prev in Thread] Current Thread [Next in Thread]