moparisthebest
/
wget
mirror of https://github.com/moparisthebest/wget
1
0
Fork 0
Code Issues Releases Wiki Activity
wget/doc
History
Darshit Shah 18b0979357 CVE-2014-4877: Arbitrary Symlink Access 
Wget was susceptible to a symlink attack which could create arbitrary
files, directories or symbolic links and set their permissions when
retrieving a directory recursively through FTP. This commit changes the
default settings in Wget such that Wget no longer creates local symbolic
links, but rather traverses them and retrieves the pointed-to file in
such a retrieval.

The old behaviour can be attained by passing the --retr-symlinks=no
option to the Wget invokation command.
 		2014-10-27 09:18:13 +01:00
..
ChangeLog CVE-2014-4877: Arbitrary Symlink Access 2014-10-27 09:18:13 +01:00
Makefile.am Replace @VAR@ in Makefile.am files with $VAR 2014-06-12 18:49:15 +02:00
fdl.texi Remove trailing empty lines 2014-06-12 18:49:15 +02:00
sample.wgetrc sample.wgetrc: add links to the manual 2013-12-24 17:49:48 +01:00
texi2pod.pl Fix error in texi2pod intriduced with Perl 5.18 2013-06-22 13:13:10 +02:00
wget.texi CVE-2014-4877: Arbitrary Symlink Access 2014-10-27 09:18:13 +01:00