| Package | wget |
|---|---|
| Version | 1.16-1+deb8u8 (jessie), 1.18-5+deb9u4 (stretch), 1.20.1-1.1+deb10u1 (buster) |
| Related CVEs | CVE-2024-38428 |
Mishandling of semicolons in the userinfo subcomponent of a URI has been fixed in GNU Wget, a utility for retrieving files over HTTP, HTTPS, FTP and FTPS.
For Debian 10 buster, these problems have been fixed in version 1.20.1-1.1+deb10u1.
For Debian 8 jessie, these problems have been fixed in version 1.16-1+deb8u8.
For Debian 9 stretch, these problems have been fixed in version 1.18-5+deb9u4.
We recommend that you upgrade your wget packages.
Further information about Extended LTS security advisories can be found in the dedicated section of our website.