wget: fix CVE-2024-10524 - linux/poky.git - Mirror of git.yoctoproject.org/poky

diff options

author	Divya Chellam <divya.chellam@windriver.com>	2025-01-17 05:22:05 +0000
committer	Steve Sakoman <steve@sakoman.com>	2025-01-24 07:49:28 -0800
commit	0d7adecb6bc3688cbce9ca3822507775499ced64 (patch)
tree	84c2abd9bd8a82c713105e3274755d9ef61f6749 /scripts/pybootchartgui/pybootchartgui.py
parent	4bc82e0831ec3ad0c8a0a6a24018fd2c74371e17 (diff)
download	poky-0d7adecb6bc3688cbce9ca3822507775499ced64.tar.gz

wget: fix CVE-2024-10524

Applications that use Wget to access a remote resource using shorthand URLs and pass arbitrary user credentials in the URL are vulnerable. In these cases attackers can enter crafted credentials which will cause Wget to access an arbitrary host. Reference: https://nvd.nist.gov/vuln/detail/CVE-2024-10524 Upstream-patch: https://git.savannah.gnu.org/cgit/wget.git/commit/?id=c419542d956a2607bbce5df64b9d378a8588d778 (From OE-Core rev: eed5d59c138c210df91f31ac718383ccaf921faf) Signed-off-by: Divya Chellam <divya.chellam@windriver.com> Signed-off-by: Steve Sakoman <steve@sakoman.com>

Diffstat (limited to 'scripts/pybootchartgui/pybootchartgui.py')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: