MGASA-2018-0244 Updated wget packages fix security vulnerabilities
Harry Sintonen discovered that wget does not properly handle '\r\n' from continuation lines while parsing the Set-Cookie HTTP header. A malicious web server could use this flaw to inject arbitrary cookies to the cookie jar file, adding new or replacing existing cookie values CVE-2018-0494. The...