Synopsis: Moderate: wget security and bug fix update Advisory ID: SLSA-2016:2587-2 Issue Date: 2016-11-03 CVE Numbers: CVE-2016-4971 -- Security Fix(es): * It was found that wget used a file name provided by the server for the downloaded file when following an HTTP redirect to a FTP server resource. This could cause wget to create a file with a different name than expected, possibly allowing the server to execute arbitrary code on the client. (CVE-2016-4971) -- SL7 x86_64 wget-1.14-13.el7.x86_64.rpm wget-debuginfo-1.14-13.el7.x86_64.rpm - Scientific Linux Development Team