Dawid Golunski discovered that Wget incorrectly handled filenames when being redirected from an HTTP to an FTP URL. A malicious server could possibly use this issue to overwrite local files.
{ "availability": "No subscription required", "binaries": [ { "wget-dbgsym": "1.15-1ubuntu1.14.04.2", "wget-udeb": "1.15-1ubuntu1.14.04.2", "wget-udeb-dbgsym": "1.15-1ubuntu1.14.04.2", "wget": "1.15-1ubuntu1.14.04.2" } ] }
{ "availability": "No subscription required", "binaries": [ { "wget-dbgsym": "1.17.1-1ubuntu1.1", "wget-udeb": "1.17.1-1ubuntu1.1", "wget-udeb-dbgsym": "1.17.1-1ubuntu1.1", "wget": "1.17.1-1ubuntu1.1" } ] }