[Oraclevm-errata] OVMSA-2014-0036 Moderate: Oracle VM 3.3 wget security update
Errata Announcements for Oracle VM
oraclevm-errata at oss.oracle.com
Tue Nov 4 09:36:40 PST 2014
Oracle VM Security Advisory OVMSA-2014-0036
The following updated rpms for Oracle VM 3.3 have been uploaded to the
Unbreakable Linux Network:
x86_64:
wget-1.12-5.el6_6.1.x86_64.rpm
SRPMS:
http://oss.oracle.com/oraclevm/server/3.3/SRPMS-updates/wget-1.12-5.el6_6.1.src.rpm
Description of changes:
[1.12-5.1]
- Fix CVE-2014-4877 wget: FTP symlink arbitrary filesystem access (#1156133)
[1.12-5]
- Fix the parsing of weblink when doing recursive retrieving (#960137)
- Fix errors found by static analysis of source code (#873216)
[1.12-4]
- Add SNI (Server Name Indication) support (#909604)
[1.12-3]
- Add --trust-server-names option to fix CVE-2010-2252 (#1062190)
[1.12-2]
- Fix wget to recognize certificates with alternative names (#736445)
More information about the Oraclevm-errata
mailing list