-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 1.8 Date: Mon, 27 Jun 2016 18:00:14 +0200 Source: wget Binary: wget Architecture: source i386 Version: 1.13.4-3+deb7u3 Distribution: wheezy-security Urgency: high Maintainer: Noël Köthe <noel@debian.org> Changed-By: Thorsten Alteholz <debian@alteholz.de> Description: wget - retrieves files from the web Closes: 827003 Changes: wget (1.13.4-3+deb7u3) wheezy-security; urgency=high . * Non-maintainer upload by the Debian LTS Team * CVE-2016-4971 On a server redirect from HTTP to a FTP resource, wget would trust the HTTP server and uses the name in the redirected URL as the destination filename. This behaviour was changed and now it works similarly as a redirect from HTTP to another HTTP resource so the original name is used as the destination file. To keep the previous behaviour the user must provide --trust-server-names. (Closes: #827003) Checksums-Sha1: 61f14240fa6024dceb3267b296150e6da3891430 1884 wget_1.13.4-3+deb7u3.dsc e25e1b487026ddd9026ca7d26af21f044c884d28 2815185 wget_1.13.4.orig.tar.gz 91531fff640992e81b119d22b29da22a3f769209 29300 wget_1.13.4-3+deb7u3.debian.tar.gz 8c2b2be0813c014967b08acdead9f71393e07145 765556 wget_1.13.4-3+deb7u3_i386.deb Checksums-Sha256: bf30d2f5910579e2a999825354dcaedc57a0b23bf79e4abe8e7bb0f9e813b658 1884 wget_1.13.4-3+deb7u3.dsc 24c7710bc9f220ce23d8a9e0f5673b0efc1cace62db6de0239b5863ecc934dcd 2815185 wget_1.13.4.orig.tar.gz 9755af458594927093d2275fc78c3935cc0fcc426f03b444629587beb7a5fae5 29300 wget_1.13.4-3+deb7u3.debian.tar.gz ad638926136e26a0632289e02191e658c69d8c74054a2a7e9ea7fa648404d0d8 765556 wget_1.13.4-3+deb7u3_i386.deb Files: 087144b0e42df8bb146db05a897f9917 1884 web important wget_1.13.4-3+deb7u3.dsc 1df489976a118b9cbe1b03502adbfc27 2815185 web important wget_1.13.4.orig.tar.gz dbe62a45ec38a8b5ecc6cc780bb853e2 29300 web important wget_1.13.4-3+deb7u3.debian.tar.gz 8e77a27d28ca99e829f3b240ff4790a8 765556 web important wget_1.13.4-3+deb7u3_i386.deb -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQJ8BAEBCgBmBQJXdVjXXxSAAAAAAC4AKGlzc3Vlci1mcHJAbm90YXRpb25zLm9w ZW5wZ3AuZmlmdGhob3JzZW1hbi5uZXQ2MjAxRkJGRkRCQkRFMDc4MjJFQUJCOTY5 NkZDQUMwRDM4N0I1ODQ3AAoJEJb8rA04e1hHKycQAKU2RSxUJ6D3eZlGbw/Xvw97 eN91y6ZS1gHbpLjWE0VcG2CmWz1EkRlwYzk/CRDWsbClGGlb8dr1RiGJVV6gaLS9 8TUkbOEHMreyijAzO456ewtpYubNexsnMcvieq+ohme+O5xGdMCW/VHevlk14ayI ZJEoRChcJioKTwgRZaPP+CoF6mKd6QSHnhctSzOnWLLdnv7KJafHbJBBrSkaKwKR x8r5CVRfXz0WxA+7pMeHkd2RR5r0sHTfzwPh0Ddd53LC0GFVSXiMNYLRiY0Ho3w2 xj0oxEqSBvtsJko9660rC483f+wRunuomfzEfp01LUwPYMcYJabG0cxieSY4Jpxm Qet1EfNqp1CZWa/c+AY+x1IIQ/5BYYLNAJLX1aViuiZehOK7zXdll14/ZLVIN7ym 8Y76ugYshDqnfwLEWdvaENGRGKtsrMUK4XxgkJRcRqVLJ8oup+U5Mc4P8j3fmx2A dxgKuk9FQz4RAgiOT40LBaG8a0/cOQ9c5GOAoCVuSNc/jRWw+OjniaGEIWh8HadZ Vv8qriYgCmMMszQ1Um/+7uzs37p53VGF9zLJGEQq1Hd50y5bqBG3/Nd5Io+DbBBg U3F2OojKFdmmx/f/jRaWJLEWcUev313+PGSvjbcjOzJS6ndPhQybb1nfS+KLuaUp YPo3ZcTPLYHA5umEmKto =L6+N -----END PGP SIGNATURE-----