[Oraclevm-errata] OVMSA-2014-0036 Moderate: Oracle VM 3.3 wget security update

Errata Announcements for Oracle VM oraclevm-errata at oss.oracle.com
Tue Nov 4 09:36:40 PST 2014


Oracle VM Security Advisory OVMSA-2014-0036

The following updated rpms for Oracle VM 3.3 have been uploaded to the 
Unbreakable Linux Network:

x86_64:
wget-1.12-5.el6_6.1.x86_64.rpm


SRPMS:
http://oss.oracle.com/oraclevm/server/3.3/SRPMS-updates/wget-1.12-5.el6_6.1.src.rpm



Description of changes:

[1.12-5.1]
- Fix CVE-2014-4877 wget: FTP symlink arbitrary filesystem access (#1156133)

[1.12-5]
- Fix the parsing of weblink when doing recursive retrieving (#960137)
- Fix errors found by static analysis of source code (#873216)

[1.12-4]
- Add SNI (Server Name Indication) support (#909604)

[1.12-3]
- Add --trust-server-names option to fix CVE-2010-2252 (#1062190)

[1.12-2]
- Fix wget to recognize certificates with alternative names (#736445)



More information about the Oraclevm-errata mailing list