USN-2393-1: Wget vulnerability
30 October 2014
Wget could be made to overwrite files.
- wget - retrieves files from the web
HD Moore discovered that Wget contained a path traversal vulnerability
when downloading symlinks using FTP. A malicious remote FTP server or a man
in the middle could use this issue to cause Wget to overwrite arbitrary
files, possibly leading to arbitrary code execution.
The problem can be corrected by updating your system to the following package versions:
In general, a standard system update will make all the necessary changes.