Amazon Linux 1 Security Advisory: ALAS-2016-720
Advisory Release Date: 2016-07-14 16:30 Pacific
Advisory Updated Date: 2016-07-14 16:30 Pacific
GNU wget before 1.18 allows remote servers to write to arbitrary files by redirecting a request from HTTP to a crafted FTP resource. (CVE-2016-4971)
Affected Packages:
wget
Issue Correction:
Run yum update wget to update your system.
i686:
wget-debuginfo-1.18-1.18.amzn1.i686
wget-1.18-1.18.amzn1.i686
src:
wget-1.18-1.18.amzn1.src
x86_64:
wget-1.18-1.18.amzn1.x86_64
wget-debuginfo-1.18-1.18.amzn1.x86_64