Issued:: 2024-09-03
Updated:: 2024-09-03

RHSA-2024:6192 - Security Advisory

Overview
Updated Packages

Synopsis

Moderate: wget security update

Type/Severity

Security Advisory: Moderate

Red Hat Insights patch analysis

Identify and remediate systems affected by this advisory.

View affected systems

Topic

An update for wget is now available for Red Hat Enterprise Linux 9.

Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description

The wget packages provide the GNU Wget file retrieval utility for HTTP, HTTPS, and FTP protocols.

Security Fix(es):

wget: Misinterpretation of input may lead to improper behavior (CVE-2024-38428)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Solution

For details on how to apply this update, which includes the changes described in this advisory, refer to:

https://access.redhat.com/articles/11258

Affected Products

Red Hat Enterprise Linux for x86_64 9 x86_64
Red Hat Enterprise Linux for x86_64 - Extended Update Support 9.4 x86_64
Red Hat Enterprise Linux Server - AUS 9.4 x86_64
Red Hat Enterprise Linux for IBM z Systems 9 s390x
Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 9.4 s390x
Red Hat Enterprise Linux for Power, little endian 9 ppc64le
Red Hat Enterprise Linux for Power, little endian - Extended Update Support 9.4 ppc64le
Red Hat Enterprise Linux for ARM 64 9 aarch64
Red Hat Enterprise Linux for ARM 64 - Extended Update Support 9.4 aarch64
Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 9.4 ppc64le
Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 9.4 x86_64
Red Hat Enterprise Linux for ARM 64 - 4 years of updates 9.4 aarch64
Red Hat Enterprise Linux for IBM z Systems - 4 years of updates 9.4 s390x

Fixes

BZ - 2292836 - CVE-2024-38428 wget: Misinterpretation of input may lead to improper behavior

CVEs

CVE-2024-38428

References

https://access.redhat.com/security/updates/classification/#moderate

Note: More recent versions of these packages may be available. Click a package name for more details.

Red Hat Enterprise Linux for x86_64 9

SRPM
wget-1.21.1-8.el9_4.src.rpm	SHA-256: 001c087565034e44df1a935bc4aabb44b7b47b3187752c8b18e44c3900f6fd67
x86_64
wget-1.21.1-8.el9_4.x86_64.rpm	SHA-256: a5366a624f63487a0cfc5fc2fe15148d6c31be27c80cf00815f25324e3d0d729
wget-debuginfo-1.21.1-8.el9_4.x86_64.rpm	SHA-256: 565c70aae49cc75ac20c28da9a0fe71b29b9e30b6ba8eb686240afd226875e7e
wget-debugsource-1.21.1-8.el9_4.x86_64.rpm	SHA-256: 24aef3c4fd74790101e370dbd98f2f3050807b6c45859015bfad30216b48b12a

Red Hat Enterprise Linux for x86_64 - Extended Update Support 9.4

SRPM
wget-1.21.1-8.el9_4.src.rpm	SHA-256: 001c087565034e44df1a935bc4aabb44b7b47b3187752c8b18e44c3900f6fd67
x86_64
wget-1.21.1-8.el9_4.x86_64.rpm	SHA-256: a5366a624f63487a0cfc5fc2fe15148d6c31be27c80cf00815f25324e3d0d729
wget-debuginfo-1.21.1-8.el9_4.x86_64.rpm	SHA-256: 565c70aae49cc75ac20c28da9a0fe71b29b9e30b6ba8eb686240afd226875e7e
wget-debugsource-1.21.1-8.el9_4.x86_64.rpm	SHA-256: 24aef3c4fd74790101e370dbd98f2f3050807b6c45859015bfad30216b48b12a

Red Hat Enterprise Linux Server - AUS 9.4

SRPM
wget-1.21.1-8.el9_4.src.rpm	SHA-256: 001c087565034e44df1a935bc4aabb44b7b47b3187752c8b18e44c3900f6fd67
x86_64
wget-1.21.1-8.el9_4.x86_64.rpm	SHA-256: a5366a624f63487a0cfc5fc2fe15148d6c31be27c80cf00815f25324e3d0d729
wget-debuginfo-1.21.1-8.el9_4.x86_64.rpm	SHA-256: 565c70aae49cc75ac20c28da9a0fe71b29b9e30b6ba8eb686240afd226875e7e
wget-debugsource-1.21.1-8.el9_4.x86_64.rpm	SHA-256: 24aef3c4fd74790101e370dbd98f2f3050807b6c45859015bfad30216b48b12a

Red Hat Enterprise Linux for IBM z Systems 9

SRPM
wget-1.21.1-8.el9_4.src.rpm	SHA-256: 001c087565034e44df1a935bc4aabb44b7b47b3187752c8b18e44c3900f6fd67
s390x
wget-1.21.1-8.el9_4.s390x.rpm	SHA-256: f090cdaec129f94d50e70a4c4535074b549428a29469b8e3898f4f733b036255
wget-debuginfo-1.21.1-8.el9_4.s390x.rpm	SHA-256: 66f21cac8ed118e4e3edb58deb322d57ad384ec73edc0c91bf297819aba750a8
wget-debugsource-1.21.1-8.el9_4.s390x.rpm	SHA-256: afbf8a421834cc03ef91162247d0e9c1aa3c2d27ddd33aa2283b2bd1859cfe7e

Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 9.4

SRPM
wget-1.21.1-8.el9_4.src.rpm	SHA-256: 001c087565034e44df1a935bc4aabb44b7b47b3187752c8b18e44c3900f6fd67
s390x
wget-1.21.1-8.el9_4.s390x.rpm	SHA-256: f090cdaec129f94d50e70a4c4535074b549428a29469b8e3898f4f733b036255
wget-debuginfo-1.21.1-8.el9_4.s390x.rpm	SHA-256: 66f21cac8ed118e4e3edb58deb322d57ad384ec73edc0c91bf297819aba750a8
wget-debugsource-1.21.1-8.el9_4.s390x.rpm	SHA-256: afbf8a421834cc03ef91162247d0e9c1aa3c2d27ddd33aa2283b2bd1859cfe7e

Red Hat Enterprise Linux for Power, little endian 9

SRPM
wget-1.21.1-8.el9_4.src.rpm	SHA-256: 001c087565034e44df1a935bc4aabb44b7b47b3187752c8b18e44c3900f6fd67
ppc64le
wget-1.21.1-8.el9_4.ppc64le.rpm	SHA-256: f7b6d4ad741d4123fbb300693dca388a8eb4b7beaec37b064b72467fd894b2df
wget-debuginfo-1.21.1-8.el9_4.ppc64le.rpm	SHA-256: dfc1779e874155c85eb8122093973de08745f8aca693d61124fdc526bc22c999
wget-debugsource-1.21.1-8.el9_4.ppc64le.rpm	SHA-256: b6487dc677d892eee30008b753765f5e2c4cd3efec8d9af5c146e0b26b862335

Red Hat Enterprise Linux for Power, little endian - Extended Update Support 9.4

SRPM
wget-1.21.1-8.el9_4.src.rpm	SHA-256: 001c087565034e44df1a935bc4aabb44b7b47b3187752c8b18e44c3900f6fd67
ppc64le
wget-1.21.1-8.el9_4.ppc64le.rpm	SHA-256: f7b6d4ad741d4123fbb300693dca388a8eb4b7beaec37b064b72467fd894b2df
wget-debuginfo-1.21.1-8.el9_4.ppc64le.rpm	SHA-256: dfc1779e874155c85eb8122093973de08745f8aca693d61124fdc526bc22c999
wget-debugsource-1.21.1-8.el9_4.ppc64le.rpm	SHA-256: b6487dc677d892eee30008b753765f5e2c4cd3efec8d9af5c146e0b26b862335

Red Hat Enterprise Linux for ARM 64 9

SRPM
wget-1.21.1-8.el9_4.src.rpm	SHA-256: 001c087565034e44df1a935bc4aabb44b7b47b3187752c8b18e44c3900f6fd67
aarch64
wget-1.21.1-8.el9_4.aarch64.rpm	SHA-256: 8d5014131be00c09deac0494ffe8ffd1e206d280aaabb7db98a7d043acda4aca
wget-debuginfo-1.21.1-8.el9_4.aarch64.rpm	SHA-256: 16291809b09b7d02cbdf2f3ba55346f1a06b992953a7fc8d192fa54b83bf0a04
wget-debugsource-1.21.1-8.el9_4.aarch64.rpm	SHA-256: b1040b855f961541fb52085cef0419f0f3812b4a44a29c13b83a009a6bdb5592

Red Hat Enterprise Linux for ARM 64 - Extended Update Support 9.4

SRPM
wget-1.21.1-8.el9_4.src.rpm	SHA-256: 001c087565034e44df1a935bc4aabb44b7b47b3187752c8b18e44c3900f6fd67
aarch64
wget-1.21.1-8.el9_4.aarch64.rpm	SHA-256: 8d5014131be00c09deac0494ffe8ffd1e206d280aaabb7db98a7d043acda4aca
wget-debuginfo-1.21.1-8.el9_4.aarch64.rpm	SHA-256: 16291809b09b7d02cbdf2f3ba55346f1a06b992953a7fc8d192fa54b83bf0a04
wget-debugsource-1.21.1-8.el9_4.aarch64.rpm	SHA-256: b1040b855f961541fb52085cef0419f0f3812b4a44a29c13b83a009a6bdb5592

Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 9.4

SRPM
wget-1.21.1-8.el9_4.src.rpm	SHA-256: 001c087565034e44df1a935bc4aabb44b7b47b3187752c8b18e44c3900f6fd67
ppc64le
wget-1.21.1-8.el9_4.ppc64le.rpm	SHA-256: f7b6d4ad741d4123fbb300693dca388a8eb4b7beaec37b064b72467fd894b2df
wget-debuginfo-1.21.1-8.el9_4.ppc64le.rpm	SHA-256: dfc1779e874155c85eb8122093973de08745f8aca693d61124fdc526bc22c999
wget-debugsource-1.21.1-8.el9_4.ppc64le.rpm	SHA-256: b6487dc677d892eee30008b753765f5e2c4cd3efec8d9af5c146e0b26b862335

Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 9.4

SRPM
wget-1.21.1-8.el9_4.src.rpm	SHA-256: 001c087565034e44df1a935bc4aabb44b7b47b3187752c8b18e44c3900f6fd67
x86_64
wget-1.21.1-8.el9_4.x86_64.rpm	SHA-256: a5366a624f63487a0cfc5fc2fe15148d6c31be27c80cf00815f25324e3d0d729
wget-debuginfo-1.21.1-8.el9_4.x86_64.rpm	SHA-256: 565c70aae49cc75ac20c28da9a0fe71b29b9e30b6ba8eb686240afd226875e7e
wget-debugsource-1.21.1-8.el9_4.x86_64.rpm	SHA-256: 24aef3c4fd74790101e370dbd98f2f3050807b6c45859015bfad30216b48b12a

Red Hat Enterprise Linux for ARM 64 - 4 years of updates 9.4

SRPM
wget-1.21.1-8.el9_4.src.rpm	SHA-256: 001c087565034e44df1a935bc4aabb44b7b47b3187752c8b18e44c3900f6fd67
aarch64
wget-1.21.1-8.el9_4.aarch64.rpm	SHA-256: 8d5014131be00c09deac0494ffe8ffd1e206d280aaabb7db98a7d043acda4aca
wget-debuginfo-1.21.1-8.el9_4.aarch64.rpm	SHA-256: 16291809b09b7d02cbdf2f3ba55346f1a06b992953a7fc8d192fa54b83bf0a04
wget-debugsource-1.21.1-8.el9_4.aarch64.rpm	SHA-256: b1040b855f961541fb52085cef0419f0f3812b4a44a29c13b83a009a6bdb5592

Red Hat Enterprise Linux for IBM z Systems - 4 years of updates 9.4

SRPM
wget-1.21.1-8.el9_4.src.rpm	SHA-256: 001c087565034e44df1a935bc4aabb44b7b47b3187752c8b18e44c3900f6fd67
s390x
wget-1.21.1-8.el9_4.s390x.rpm	SHA-256: f090cdaec129f94d50e70a4c4535074b549428a29469b8e3898f4f733b036255
wget-debuginfo-1.21.1-8.el9_4.s390x.rpm	SHA-256: 66f21cac8ed118e4e3edb58deb322d57ad384ec73edc0c91bf297819aba750a8
wget-debugsource-1.21.1-8.el9_4.s390x.rpm	SHA-256: afbf8a421834cc03ef91162247d0e9c1aa3c2d27ddd33aa2283b2bd1859cfe7e

The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.

Ansible.com

Red Hat Ecosystem Catalog

Red Hat Hybrid Cloud Console

Red Hat Store

Red Hat Marketplace

Red Hat Summit and AnsibleFest