Amazon Linux 1 Security Advisory: ALAS-2018-1040
Advisory Release Date: 2018-06-08 18:35 Pacific
Advisory Updated Date: 2018-06-11 21:34 Pacific
A cookie injection flaw was found in wget. An attacker can create a malicious website which, when accessed, overrides cookies belonging to arbitrary domains.(CVE-2018-0494)
Affected Packages:
wget
Issue Correction:
Run yum update wget to update your system.
i686:
wget-1.18-4.29.amzn1.i686
wget-debuginfo-1.18-4.29.amzn1.i686
src:
wget-1.18-4.29.amzn1.src
x86_64:
wget-debuginfo-1.18-4.29.amzn1.x86_64
wget-1.18-4.29.amzn1.x86_64