ALAS-2016-720


Amazon Linux AMI Security Advisory: ALAS-2016-720
Advisory Release Date: 2016-07-14 16:30 Pacific
Severity: Medium
References: CVE-2016-4971 

Issue Overview:

GNU wget before 1.18 allows remote servers to write to arbitrary files by redirecting a request from HTTP to a crafted FTP resource. (CVE-2016-4971 )


Affected Packages:

wget


Issue Correction:
Run yum update wget to update your system.

New Packages:
i686:
    wget-debuginfo-1.18-1.18.amzn1.i686
    wget-1.18-1.18.amzn1.i686

src:
    wget-1.18-1.18.amzn1.src

x86_64:
    wget-1.18-1.18.amzn1.x86_64
    wget-debuginfo-1.18-1.18.amzn1.x86_64