|
From: | Valentin LEFEBVRE (@keentux) |
Subject: | wget | Discard "Authentication" and "Cookie" header (!42) |
Date: | Wed, 04 Dec 2024 17:23:37 +0000 |
Valentin LEFEBVRE created a merge request: https://gitlab.com/gnuwget/wget/-/merge_requests/42 Project:Branches: keentux/wget:CVE-2021-31879 to gnuwget/wget:master Author: Valentin LEFEBVRE If wget for an http URL is redirected to a different site (hostname parts of URLs differ), then any "Authenticate" and "Cookie" header entries are discarded. Fix CVE-2021-31879 Fix #5 credit to @jmoellers Signed-off-by: vlefebvre <valentin.lefebvre@suse.com> -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnuwget/wget/-/merge_requests/42 You're receiving this email because of your account on gitlab.com.
[Prev in Thread] | Current Thread | [Next in Thread] |