USN-6852-1: Wget vulnerability
26 June 2024
Wget could be made to connect to a different host than expected.
Releases
Packages
- wget - retrieves files from the web
Details
It was discovered that Wget incorrectly handled semicolons in the userinfo
subcomponent of a URI. A remote attacker could possibly trick a user into
connecting to a different host than expected.
Update instructions
The problem can be corrected by updating your system to the following package versions:
Ubuntu 24.04
Ubuntu 23.10
Ubuntu 22.04
Ubuntu 20.04
In general, a standard system update will make all the necessary changes.