[Bug 2029930] Re: wget crash when printing download rate
Mark Esler
2029930 at bugs.launchpad.net
Tue Aug 15 19:07:46 UTC 2023
Upstream will not be assigning this issue a CVE [0] and the Ubuntu
Security Team does not consider this bug security relevant.
This bug is caused when calculating the download speed, but hitting an
out-of-bounds on the table that contains the printable strings. It is
hitting GB/s because it is, presumably, not handling the system timer
resolution correctly. This is no more security relevant than any other
bug that crashes wget.
@wiebe-halfgaar, thank you for raising awareness about this issue and
getting it fixed upstream.
[0] https://lists.gnu.org/archive/html/bug-wget/2023-08/msg00008.html
** Changed in: wget (Ubuntu)
Status: New => Confirmed
** Information type changed from Public Security to Public
--
You received this bug notification because you are a member of Ubuntu
Foundations Bugs, which is subscribed to wget in Ubuntu.
https://bugs.launchpad.net/bugs/2029930
Title:
wget crash when printing download rate
Status in wget package in Ubuntu:
Confirmed
Status in wget package in Debian:
Unknown
Bug description:
All supported versions of Ubuntu suffer from crashes in wget in printing of the download speed. I've been getting this on various servers. It's been fixed upstream and should probably be included in 'updates' of all supported Ubuntu versions.
https://git.savannah.gnu.org/git/wget.git
Commit 04ab35666997fbb3cd5d72497415fb3dfd62dcc5
https://lists.gnu.org/archive/html/bug-wget/2023-08/msg00001.html
Patch attached.
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/wget/+bug/2029930/+subscriptions
More information about the foundations-bugs
mailing list