Overview

File _patchinfo of Package patchinfo.5956

<patchinfo incident="5956">
  <issue id="1064715" tracker="bnc">VUL-0: EMBARGOED: CVE-2017-13089: wget: Missing check for negative remaining_chunk_size in skip_short_body causes buffer overflow</issue>
  <issue id="1064716" tracker="bnc">VUL-0: EMBARGOED: CVE-2017-13090: wget: Missing check for negative remaining_chunk_size in fd_read_body causes heap buffer overflow</issue>
  <issue id="2017-13090" tracker="cve" />
  <issue id="2017-13089" tracker="cve" />
  <category>security</category>
  <rating>important</rating>
  <packager>jmoellers</packager>
  <description>

This update for wget fixes the following security issues:

- CVE-2017-13089,CVE-2017-13090: Missing checks for negative remaining_chunk_size in skip_short_body and fd_read_body could
  cause stack buffer overflows, which could have been exploited by malicious servers. (bsc#1064715,bsc#1064716)
</description>
  <summary>Security update for wget</summary>
</patchinfo>
openSUSE Build Service is sponsored by
Places