Skip to navigation

Bug Fix Advisory wget bug fix update

Advisory: RHBA-2012:1353-1
Type: Bug Fix Advisory
Severity: N/A
Issued on: 2012-10-10
Last updated on: 2013-02-20
Affected Products: Red Hat Enterprise Linux Desktop (v. 6)
Red Hat Enterprise Linux HPC Node (v. 6)
Red Hat Enterprise Linux Server (v. 6)
Red Hat Enterprise Linux Workstation (v. 6)

Details

Updated wget packages that fix one bug are now available for Red Hat Enterprise
Linux 6.

The wget packages provide the GNU Wget file retrieval utility for HTTP, HTTPS,
and FTP protocols. Wget provides various useful features, such as the ability to
work in the background while the user is logged out, recursive retrieval of
directories, file name wildcard matching or updating files in dependency on file
timestamp comparison.

This update fixes the following bugs:

* Prior to this update, the wget package contained a redundant URL to the wget
upstream project. This update modifies the specification file to list the
correct http://www.gnu.org/software/wget/. (BZ#754168)

* Prior to this update, the wget utility did not previously work as intended
with the "-T, --timeout" option set when http server did not answer the SSL
handshake. Wget source code has been patched, to ensure that wget aborts the
connection when using --timeout option correctly. (BZ#814208)

* Prior to this update, the wget utility source code was lacking check of the
HTTP response parsing function return value. In some cases, when HTTP response
header was malformed (fuzzed), the parsing function returned error. Because the
returned value was not checked, it then resulted in Segmentation Fault. This
update adds check of the HTTP response parsing function return value in the wget
source code. Now when HTTP response header is malformed (fuzzed) and the parsing
function returns error, the following error message is thrown and wget retries
the request. (BZ#714893)
"2012-10-01 10:13:44 ERROR -1: Malformed status line."

All users of wget are advised to upgrade to these updated packages, which fix
this bug.


Solution

Before applying this update, make sure all previously-released errata relevant
to your system have been applied.

This update is available via the Red Hat Network. Details on how to use the Red
Hat Network to apply this update are available at
https://access.redhat.com/knowledge/articles/11258

Updated packages

Red Hat Enterprise Linux Desktop (v. 6)

SRPMS:
wget-1.12-1.8.el6.src.rpm
File outdated by:  RHSA-2014:0151
    MD5: d1a4362587cb8b2a97563589c4bcd898
SHA-256: d4143095474d45988406006f954b6addddd220bbe0e8fc0d03b5e4967e202d14
 
IA-32:
wget-1.12-1.8.el6.i686.rpm
File outdated by:  RHSA-2014:0151
    MD5: 6f6480fb28f73321a7c851ac25f06ae4
SHA-256: 0106c68acfb90283800a7b2eef969780bb3d6a307c4e44f3f089a5b5c05493ed
wget-debuginfo-1.12-1.8.el6.i686.rpm
File outdated by:  RHSA-2014:0151
    MD5: e0b8b1a2f15a6d323606c3513ff3bf42
SHA-256: 59c3d516dbfc05fe3db3843fdb090fb1d29d4d83eef7bb4e6e020a1d2cd77664
 
x86_64:
wget-1.12-1.8.el6.x86_64.rpm
File outdated by:  RHSA-2014:0151
    MD5: 6698c709e876b9e0e29f5ae0a1e2464c
SHA-256: 27dfa1b315604557028b72aadf8d87b90cd52710ce931804dbdd27f18149eacf
wget-debuginfo-1.12-1.8.el6.x86_64.rpm
File outdated by:  RHSA-2014:0151
    MD5: 972a0e5d4623b8eb4d747c67876649bd
SHA-256: a463f8c8ce79d35d9e8d700dfed6e9e5bbb2230379eccb7f1163fdc087de5b2f
 
Red Hat Enterprise Linux HPC Node (v. 6)

SRPMS:
wget-1.12-1.8.el6.src.rpm
File outdated by:  RHSA-2014:0151
    MD5: d1a4362587cb8b2a97563589c4bcd898
SHA-256: d4143095474d45988406006f954b6addddd220bbe0e8fc0d03b5e4967e202d14
 
x86_64:
wget-1.12-1.8.el6.x86_64.rpm
File outdated by:  RHSA-2014:0151
    MD5: 6698c709e876b9e0e29f5ae0a1e2464c
SHA-256: 27dfa1b315604557028b72aadf8d87b90cd52710ce931804dbdd27f18149eacf
wget-debuginfo-1.12-1.8.el6.x86_64.rpm
File outdated by:  RHSA-2014:0151
    MD5: 972a0e5d4623b8eb4d747c67876649bd
SHA-256: a463f8c8ce79d35d9e8d700dfed6e9e5bbb2230379eccb7f1163fdc087de5b2f
 
Red Hat Enterprise Linux Server (v. 6)

SRPMS:
wget-1.12-1.8.el6.src.rpm
File outdated by:  RHSA-2014:0151
    MD5: d1a4362587cb8b2a97563589c4bcd898
SHA-256: d4143095474d45988406006f954b6addddd220bbe0e8fc0d03b5e4967e202d14
 
IA-32:
wget-1.12-1.8.el6.i686.rpm
File outdated by:  RHSA-2014:0151
    MD5: 6f6480fb28f73321a7c851ac25f06ae4
SHA-256: 0106c68acfb90283800a7b2eef969780bb3d6a307c4e44f3f089a5b5c05493ed
wget-debuginfo-1.12-1.8.el6.i686.rpm
File outdated by:  RHSA-2014:0151
    MD5: e0b8b1a2f15a6d323606c3513ff3bf42
SHA-256: 59c3d516dbfc05fe3db3843fdb090fb1d29d4d83eef7bb4e6e020a1d2cd77664
 
PPC:
wget-1.12-1.8.el6.ppc64.rpm
File outdated by:  RHSA-2014:0151
    MD5: 9b11900a82f438864e73ea951b269930
SHA-256: f50cc8e13919b22284ab150695774b049a716ad8e67b87e1503030ce97b309b5
wget-debuginfo-1.12-1.8.el6.ppc64.rpm
File outdated by:  RHSA-2014:0151
    MD5: d2523f9bb95a704cc856d0dc822f51a1
SHA-256: 3b94ba7025e99cd68ccaf37927a6e03ed0b8c5adc39b613efa1a894a9bb58c56
 
s390x:
wget-1.12-1.8.el6.s390x.rpm
File outdated by:  RHSA-2014:0151
    MD5: fb34f5603d678e30bf31b1e917dd4c22
SHA-256: f22a3c372fcd379835a3d4d4466f4e1c120a1ee564efdf035b63c133cd2268dc
wget-debuginfo-1.12-1.8.el6.s390x.rpm
File outdated by:  RHSA-2014:0151
    MD5: cb270d8a66bff0d3bf7df5f4245d8fea
SHA-256: 9a931df4e00456d0d6919ba95af19b32e27fd326b4d844b01a7cfa75ef2aa477
 
x86_64:
wget-1.12-1.8.el6.x86_64.rpm
File outdated by:  RHSA-2014:0151
    MD5: 6698c709e876b9e0e29f5ae0a1e2464c
SHA-256: 27dfa1b315604557028b72aadf8d87b90cd52710ce931804dbdd27f18149eacf
wget-debuginfo-1.12-1.8.el6.x86_64.rpm
File outdated by:  RHSA-2014:0151
    MD5: 972a0e5d4623b8eb4d747c67876649bd
SHA-256: a463f8c8ce79d35d9e8d700dfed6e9e5bbb2230379eccb7f1163fdc087de5b2f
 
Red Hat Enterprise Linux Workstation (v. 6)

SRPMS:
wget-1.12-1.8.el6.src.rpm
File outdated by:  RHSA-2014:0151
    MD5: d1a4362587cb8b2a97563589c4bcd898
SHA-256: d4143095474d45988406006f954b6addddd220bbe0e8fc0d03b5e4967e202d14
 
IA-32:
wget-1.12-1.8.el6.i686.rpm
File outdated by:  RHSA-2014:0151
    MD5: 6f6480fb28f73321a7c851ac25f06ae4
SHA-256: 0106c68acfb90283800a7b2eef969780bb3d6a307c4e44f3f089a5b5c05493ed
wget-debuginfo-1.12-1.8.el6.i686.rpm
File outdated by:  RHSA-2014:0151
    MD5: e0b8b1a2f15a6d323606c3513ff3bf42
SHA-256: 59c3d516dbfc05fe3db3843fdb090fb1d29d4d83eef7bb4e6e020a1d2cd77664
 
x86_64:
wget-1.12-1.8.el6.x86_64.rpm
File outdated by:  RHSA-2014:0151
    MD5: 6698c709e876b9e0e29f5ae0a1e2464c
SHA-256: 27dfa1b315604557028b72aadf8d87b90cd52710ce931804dbdd27f18149eacf
wget-debuginfo-1.12-1.8.el6.x86_64.rpm
File outdated by:  RHSA-2014:0151
    MD5: 972a0e5d4623b8eb4d747c67876649bd
SHA-256: a463f8c8ce79d35d9e8d700dfed6e9e5bbb2230379eccb7f1163fdc087de5b2f
 
(The unlinked packages above are only available from the Red Hat Network)

Bugs fixed (see bugzilla for more information)

754168 - Invalid URL in wget.spec



These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from:
https://www.redhat.com/security/team/key/#package

The Red Hat security contact is secalert@redhat.com. More contact details at http://www.redhat.com/security/team/contact/