Format: 1.8
Date: Mon, 23 Oct 2017 15:39:58 -0400
Source: wget
Binary: wget wget-udeb
Architecture: i386 i386_translations
Version: 1.15-1ubuntu1.14.04.3
Distribution: trusty
Urgency: medium
Maintainer: Launchpad Build Daemon <buildd@lgw01-amd64-030.buildd>
Changed-By: Marc Deslauriers <marc.deslauriers@ubuntu.com>
Description: 
 wget       - retrieves files from the web
 wget-udeb  - retrieves files from the web (udeb)
Changes: 
 wget (1.15-1ubuntu1.14.04.3) trusty-security; urgency=medium
 .
   * SECURITY UPDATE: race condition leading to access list bypass
     - debian/patches/CVE-2016-7098-1.patch: limit file mode in src/http.c.
     - debian/patches/CVE-2016-7098-2.patch: add .tmp to temp files in
       src/http.c.
     - debian/patches/CVE-2016-7098-3.patch: replace asprintf by aprint in
       src/http.c.
     - CVE-2016-7098
   * SECURITY UPDATE: CRLF injection in url_parse
     - debian/patches/CVE-2017-6508.patch: check for invalid control
       characters in src/url.c.
     - CVE-2017-6508
   * SECURITY UPDATE: stack overflow in HTTP protocol handling
     - debian/patches/CVE-2017-13089.patch: return error on negative chunk
       size in src/http.c.
     - CVE-2017-13089
   * SECURITY UPDATE: heap overflow in HTTP protocol handling
     - debian/patches/CVE-2017-13090.patch: stop processing on negative
       chunk size in src/retr.c.
     - CVE-2017-13090
Checksums-Sha1: 
 59511ed94b24d2aaf14d886a2d7667e2594c5396 268640 wget_1.15-1ubuntu1.14.04.3_i386.deb
 51434173f4eb109aaae60ffd4d3877687daa439d 123036 wget-udeb_1.15-1ubuntu1.14.04.3_i386.udeb
 3d529c7bc1b59080b034a598c74cf7e98a9eabf4 290156 wget-dbgsym_1.15-1ubuntu1.14.04.3_i386.ddeb
 7476c72aa8d09c21d4b40afecfb030beaf31bd86 225182 wget-udeb-dbgsym_1.15-1ubuntu1.14.04.3_i386.ddeb
 e4bd7ea71bd989849cd64fd88337aef78287027d 1457267 wget_1.15-1ubuntu1.14.04.3_i386_translations.tar.gz
Checksums-Sha256: 
 8fb1fd73b0fca1af3ca9953bd6a0e00c2591db0153aeee732057c79332d09559 268640 wget_1.15-1ubuntu1.14.04.3_i386.deb
 96eac80d01ffb5e682a2300c9b006857fe5f74386ba741cbce473f76a83181d6 123036 wget-udeb_1.15-1ubuntu1.14.04.3_i386.udeb
 cbb6640b88801b7ccdb450aba8a7e9034c4baa6c900a5b4a41794f09136f0909 290156 wget-dbgsym_1.15-1ubuntu1.14.04.3_i386.ddeb
 8f249ea03d0aebf21bcbfa1fcfd274c1465c4ce84d33a66b19111e4a8f8af2ea 225182 wget-udeb-dbgsym_1.15-1ubuntu1.14.04.3_i386.ddeb
 d4a462368eb8cc7e7d072515d3a846ec6cb2b9d28105f8f59f075e96031200c1 1457267 wget_1.15-1ubuntu1.14.04.3_i386_translations.tar.gz
Files: 
 268f9a9875746508ae713dbf8353397e 268640 web important wget_1.15-1ubuntu1.14.04.3_i386.deb
 887e8fb527de4782e1499a09c96927ef 123036 debian-installer extra wget-udeb_1.15-1ubuntu1.14.04.3_i386.udeb
 58d129b22fc2c4ae65355297a414aed2 290156 web extra wget-dbgsym_1.15-1ubuntu1.14.04.3_i386.ddeb
 19ab600cbc2568c4a6fedac44d9701be 225182 debian-installer extra wget-udeb-dbgsym_1.15-1ubuntu1.14.04.3_i386.ddeb
 ea1c73c3d7567dc0ab740c2b7d5a52af 1457267 raw-translations - wget_1.15-1ubuntu1.14.04.3_i386_translations.tar.gz
Original-Maintainer: Noël Köthe <noel@debian.org>
Package-Type: udeb