[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Bug-wget] [Secunia Research] GNU wget Vulnerability Report - Reques
Re: [Bug-wget] [Secunia Research] GNU wget Vulnerability Report - Request for Details
Thu, 4 Apr 2019 16:42:05 +0200
Mozilla/5.0 (X11; Linux x86_64; rv:60.0) Gecko/20100101 Thunderbird/60.6.1
On 04.04.19 09:27, Tim Rühsen wrote:
> On 4/4/19 3:14 AM, Secunia Research wrote:
>> We are currently processing a report published by a third-party  for GNU
>> wget and are currently evaluating it to publish a Secunia Advisory for this.
>> Please see the original report for details.
>> We would appreciate to receive your comments on those issues before we
>> publish our advisory based on this information.
>> * Can you confirm the vulnerability?
Can you please elaborate what EXACTLY the vulnerability is? I have
searched through the (quite hefty) diff between 1.20.1 and 1.20.2 and
have found only 4 differences that may be viewed as these, but the
do not fix a vulnerability.
The CVE-entry is not quite helpful, to say the least ;-)
SUSE Linux GmbH
GF: Felix Imendörffer, Mary Higgins, Sri Rasiah
HRB 21284 (AG Nürnberg)
Description: OpenPGP digital signature