Hi,

On Thu, Apr 04, 2019 at 12:40:32PM +0200, Salvatore Bonaccorso wrote:
> Source: wget
> Version: 1.20.1-1
> Severity: important
> Tags: security upstream fixed-upstream
> 
> Hi,
> 
> The following vulnerability was published for wget.
> 
> CVE-2019-5953[0]:
> Buffer overflow vulnerability
> 
> It was mentioned in the 1.20.2 release, [1]. It might be related to
> [2], but not sure as the references do not give much detail.
> 
> If you fix the vulnerability please also make sure to include the
> CVE (Common Vulnerabilities & Exposures) id in your changelog entry.
> 
> For further information see:
> 
> [0] https://security-tracker.debian.org/tracker/CVE-2019-5953
>     https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5953
> [1] https://lists.gnu.org/archive/html/bug-wget/2019-04/msg00012.html
> [2] https://git.savannah.gnu.org/cgit/wget.git/commit/?id=5d87635c66aaa01bdf95f6b093b66c3d2768b696

Sorry, just to be clear, it is not confirmed that either
5d87635c66aaa01bdf95f6b093b66c3d2768b696 or maybe would be meant.
CVE-2019-5953 is associated with a 'buffer overflow vulnerability'
fixed in 1.20.2 but is without details so far.

Regards,
Salvatore
