-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 _______________________________________________________________________ Mandriva Linux Security Advisory MDVSA-2009:206 http://www.mandriva.com/security/ _______________________________________________________________________ Package : wget Date : August 18, 2009 Affected: 2008.1, 2009.0, 2009.1, Corporate 4.0, Enterprise Server 5.0 _______________________________________________________________________ Problem Description: A vulnerability has been found and corrected in wget: SUSE discovered a security issue in wget related to http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2408 This update provides a solution to this vulnerability. _______________________________________________________________________ Updated Packages: Mandriva Linux 2008.1: ea12db02d04adc9fa0b29e7236bc0aff 2008.1/i586/wget-1.11-1.1mdv2008.1.i586.rpm 4bb0f6cea935f1898b16138a9184532d 2008.1/SRPMS/wget-1.11-1.1mdv2008.1.src.rpm Mandriva Linux 2008.1/X86_64: b5d0178dafabf50dd69b65640794b343 2008.1/x86_64/wget-1.11-1.1mdv2008.1.x86_64.rpm 4bb0f6cea935f1898b16138a9184532d 2008.1/SRPMS/wget-1.11-1.1mdv2008.1.src.rpm Mandriva Linux 2009.0: bede85ae45fadf868872897da49055c2 2009.0/i586/wget-1.11.4-1.1mdv2009.0.i586.rpm 6790666e7840374f76f5713042791800 2009.0/SRPMS/wget-1.11.4-1.1mdv2009.0.src.rpm Mandriva Linux 2009.0/X86_64: 4c3aa5dc0ff825c091f33a90e6413b18 2009.0/x86_64/wget-1.11.4-1.1mdv2009.0.x86_64.rpm 6790666e7840374f76f5713042791800 2009.0/SRPMS/wget-1.11.4-1.1mdv2009.0.src.rpm Mandriva Linux 2009.1: 22ac17fb90755905810e06ba331aa3f0 2009.1/i586/wget-1.11.4-2.1mdv2009.1.i586.rpm e1cb10f372e5f447c66122cb7e21d838 2009.1/SRPMS/wget-1.11.4-2.1mdv2009.1.src.rpm Mandriva Linux 2009.1/X86_64: ed2db26279ff964b66dab3d1c8131b24 2009.1/x86_64/wget-1.11.4-2.1mdv2009.1.x86_64.rpm e1cb10f372e5f447c66122cb7e21d838 2009.1/SRPMS/wget-1.11.4-2.1mdv2009.1.src.rpm Corporate 4.0: 968c766ddae497261b5771809aadd05c corporate/4.0/i586/wget-1.10-1.3.20060mlcs4.i586.rpm d68c51e4d12cc46284e74bcb3a49d2b3 corporate/4.0/SRPMS/wget-1.10-1.3.20060mlcs4.src.rpm Corporate 4.0/X86_64: b22218a9f0e8d00eba91282955c8ff13 corporate/4.0/x86_64/wget-1.10-1.3.20060mlcs4.x86_64.rpm d68c51e4d12cc46284e74bcb3a49d2b3 corporate/4.0/SRPMS/wget-1.10-1.3.20060mlcs4.src.rpm Mandriva Enterprise Server 5: 9f5a3d71664dc57fb26aebbc19c59fcb mes5/i586/wget-1.11.4-1.1mdvmes5.i586.rpm f3aa17085ae5049ee3a5bf05e3119c43 mes5/SRPMS/wget-1.11.4-1.1mdvmes5.src.rpm Mandriva Enterprise Server 5/X86_64: 3a8dc29a12c1059182edbd8d732bc9df mes5/x86_64/wget-1.11.4-1.1mdvmes5.x86_64.rpm f3aa17085ae5049ee3a5bf05e3119c43 mes5/SRPMS/wget-1.11.4-1.1mdvmes5.src.rpm _______________________________________________________________________ To upgrade automatically use MandrivaUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you. All packages are signed by Mandriva for security. You can obtain the GPG public key of the Mandriva Security Team by executing: gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98 You can view other update advisories for Mandriva Linux at: http://www.mandriva.com/security/advisories If you want to report vulnerabilities, please contact security_(at)_mandriva.com _______________________________________________________________________ Type Bits/KeyID Date User ID pub 1024D/22458A98 2000-07-10 Mandriva Security Team -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.9 (GNU/Linux) iD8DBQFKiwtSmqjQ0CJFipgRAn13AKCh0YGh/7d6XI+RzW0968xgEIqqLACglzPt /hPdLqxZ869FtuN+jpKVX/M= =NfR+ -----END PGP SIGNATURE----- _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/