<html xmlns:v="urn:schemas-microsoft-com:vml" xmlns:o="urn:schemas-microsoft-com:office:office" xmlns:w="urn:schemas-microsoft-com:office:word" xmlns:m="http://schemas.microsoft.com/office/2004/12/omml" xmlns="http://www.w3.org/TR/REC-html40">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=us-ascii">
<meta name="Generator" content="Microsoft Word 12 (filtered medium)">
<style><!--
/* Font Definitions */
@font-face
        {font-family:"Cambria Math";
        panose-1:2 4 5 3 5 4 6 3 2 4;}
@font-face
        {font-family:Calibri;
        panose-1:2 15 5 2 2 2 4 3 2 4;}
/* Style Definitions */
p.MsoNormal, li.MsoNormal, div.MsoNormal
        {margin:0cm;
        margin-bottom:.0001pt;
        font-size:11.0pt;
        font-family:"Calibri","sans-serif";}
h3
        {mso-style-priority:9;
        mso-style-link:"\00DCberschrift 3 Zchn";
        mso-margin-top-alt:auto;
        margin-right:0cm;
        mso-margin-bottom-alt:auto;
        margin-left:0cm;
        font-size:13.5pt;
        font-family:"Times New Roman","serif";
        font-weight:bold;}
h4
        {mso-style-priority:9;
        mso-style-link:"\00DCberschrift 4 Zchn";
        mso-margin-top-alt:auto;
        margin-right:0cm;
        mso-margin-bottom-alt:auto;
        margin-left:0cm;
        font-size:12.0pt;
        font-family:"Times New Roman","serif";
        font-weight:bold;}
a:link, span.MsoHyperlink
        {mso-style-priority:99;
        color:blue;
        text-decoration:underline;}
a:visited, span.MsoHyperlinkFollowed
        {mso-style-priority:99;
        color:purple;
        text-decoration:underline;}
p
        {mso-style-priority:99;
        mso-margin-top-alt:auto;
        margin-right:0cm;
        mso-margin-bottom-alt:auto;
        margin-left:0cm;
        font-size:12.0pt;
        font-family:"Times New Roman","serif";}
span.E-MailFormatvorlage17
        {mso-style-type:personal-compose;
        font-family:"Arial","sans-serif";
        color:windowtext;}
span.berschrift3Zchn
        {mso-style-name:"\00DCberschrift 3 Zchn";
        mso-style-priority:9;
        mso-style-link:"\00DCberschrift 3";
        font-family:"Times New Roman","serif";
        font-weight:bold;}
span.berschrift4Zchn
        {mso-style-name:"\00DCberschrift 4 Zchn";
        mso-style-priority:9;
        mso-style-link:"\00DCberschrift 4";
        font-family:"Times New Roman","serif";
        font-weight:bold;}
span.label
        {mso-style-name:label;}
.MsoChpDefault
        {mso-style-type:export-only;}
@page WordSection1
        {size:612.0pt 792.0pt;
        margin:70.85pt 70.85pt 2.0cm 70.85pt;}
div.WordSection1
        {page:WordSection1;}
--></style><!--[if gte mso 9]><xml>
<o:shapedefaults v:ext="edit" spidmax="1026" />
</xml><![endif]--><!--[if gte mso 9]><xml>
<o:shapelayout v:ext="edit">
<o:idmap v:ext="edit" data="1" />
</o:shapelayout></xml><![endif]-->
</head>
<body lang="DE" link="blue" vlink="purple">
<div class="WordSection1">
<p class="MsoNormal"><span lang="EN-US" style="font-size:10.0pt;font-family:"Arial","sans-serif"">Hi all,<o:p></o:p></span></p>
<p class="MsoNormal"><span lang="EN-US" style="font-size:10.0pt;font-family:"Arial","sans-serif""><o:p> </o:p></span></p>
<p class="MsoNormal"><span lang="EN-US" style="font-size:10.0pt;font-family:"Arial","sans-serif"">Sorry, I’m new here. May I ask a question in this list: There is a vulnerability issue with wget (see below pls.). Newest wget in opencsw is GNU Wget 1.16.3. Is
 it intended to release a fixed version of wget here soon?<o:p></o:p></span></p>
<p class="MsoNormal"><span lang="EN-US" style="font-size:10.0pt;font-family:"Arial","sans-serif""><o:p> </o:p></span></p>
<p class="MsoNormal"><span lang="EN-US" style="font-size:10.0pt;font-family:"Arial","sans-serif"">Generally asked: Is there any process that ensures the fix of security issues in the opencsw project?
<o:p></o:p></span></p>
<p class="MsoNormal"><span lang="EN-US" style="font-size:10.0pt;font-family:"Arial","sans-serif""><o:p> </o:p></span></p>
<p class="MsoNormal"><span lang="EN-US" style="font-size:10.0pt;font-family:"Arial","sans-serif""><o:p> </o:p></span></p>
<p class="MsoNormal"><span lang="EN-US" style="font-size:10.0pt;font-family:"Arial","sans-serif"">-----------------------------------------------------------------------------------------<o:p></o:p></span></p>
<p class="MsoNormal"><span lang="EN-US" style="font-size:10.0pt;font-family:"Arial","sans-serif"">From
</span><span lang="EN-US" style="font-size:8.5pt;font-family:"Arial","sans-serif";color:black">SB16-186: Vulnerability Summary for the Week of June 27, 2016<o:p></o:p></span></p>
<p class="MsoNormal"><span lang="EN-US">The US-CERT Cyber Security Bulletin provides a summary of new vulnerabilities that have been recorded by the
</span><a href="http://www.nist.gov" target="_blank"><span lang="EN-US">National Institute of Standards and Technology</span></a><span lang="EN-US"> (NIST)
</span><a href="http://nvd.nist.gov" target="_blank"><span lang="EN-US">National Vulnerability Database</span></a><span lang="EN-US"> (NVD) in the past week. The NVD is sponsored by the
</span><a href="http://www.dhs.gov" target="_blank"><span lang="EN-US">Department of Homeland Security</span></a><span lang="EN-US"> (DHS)
</span><a href="https://www.us-cert.gov/nccic" target="_blank"><span lang="EN-US">National Cybersecurity and Communications Integration Center</span></a><span lang="EN-US"> (NCCIC) /
</span><a href="https://www.us-cert.gov" target="_blank"><span lang="EN-US">United States Computer Emergency Readiness Team</span></a><span lang="EN-US"> (US-CERT). For modified or updated entries, please visit the
</span><a href="http://nvd.nist.gov" target="_blank"><span lang="EN-US">NVD</span></a><span lang="EN-US">, which contains historical vulnerability information</span><span lang="EN-US" style="font-size:10.0pt;font-family:"Arial","sans-serif""><o:p></o:p></span></p>
<p class="MsoNormal" style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto"><b><span lang="EN-US" style="font-size:13.5pt;font-family:"Times New Roman","serif"">Vulnerability Summary for CVE-2016-4971<o:p></o:p></span></b></p>
<p class="MsoNormal"><span lang="EN-US" style="font-size:12.0pt;font-family:"Times New Roman","serif"">Original release date: 06/30/2016
<o:p></o:p></span></p>
<p class="MsoNormal"><span lang="EN-US" style="font-size:12.0pt;font-family:"Times New Roman","serif"">Last revised: 07/01/2016
<o:p></o:p></span></p>
<p class="MsoNormal"><span lang="EN-US" style="font-size:12.0pt;font-family:"Times New Roman","serif"">Source: US-CERT/NIST
<o:p></o:p></span></p>
<p class="MsoNormal" style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto"><b><span lang="EN-US" style="font-size:12.0pt;font-family:"Times New Roman","serif"">Overview<o:p></o:p></span></b></p>
<p class="MsoNormal" style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto"><span lang="EN-US" style="font-size:12.0pt;font-family:"Times New Roman","serif"">GNU wget before 1.18 allows remote servers to write to arbitrary files by redirecting a request
 from HTTP to a crafted FTP resource.<o:p></o:p></span></p>
<p class="MsoNormal"><span lang="EN-US" style="font-size:10.0pt;font-family:"Arial","sans-serif"">---------------------------------------------------------------------------------------------<o:p></o:p></span></p>
<p class="MsoNormal"><span lang="EN-US" style="font-size:10.0pt;font-family:"Arial","sans-serif""><o:p> </o:p></span></p>
<p class="MsoNormal"><span lang="EN-US" style="font-size:10.0pt;font-family:"Arial","sans-serif"">TIA, Reinhard<o:p></o:p></span></p>
<p class="MsoNormal"><o:p> </o:p></p>
</div>
</body>
</html>