漏洞编号:CVE-2017–13089、CVE-2017–13090
漏洞名称:wget缓冲区溢出漏洞
涉及版本:1.19.2之前的版本
等级:高危
影响范围:几乎涉及到所有Linux发行版
原文引用: https://www.viestintavirasto.fi/en/cybersecurity/vulnerabilities/2017/haavoittuvuus–2017–037.html
官方说明: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017–13089 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017–13090
汇集各发行版安全公告列表: https://security.archlinux.org/CVE-2017–13089 https://security.archlinux.org/CVE-2017–13090
升级方法(CentOS)
输入一下命令即可:
yum install -y gcc gnutls gnutls-devel
wget http://ftp.gnu.org/gnu/wget/wget-1.19.2.tar.gz
tar -zxf wget-1.19.2.tar.gz
cd wget-1.19.2
./configure –prefix=/usr –sysconfdir=/etc
make
make install
输入wget -V
若看到1.19.2版本字样,说明升级成功