[CLSA-2026:1784038140] Fix CVE(s): CVE-2026-58470, CVE-2026-58471, CVE-2026-58472
Type:
security
Severity:
Important
Release date:
2026-07-14 14:09:19 UTC
Description:
* SECURITY UPDATE: fix integer overflow in Content-Range header parsing in src/http.c - debian/patches/CVE-2026-58470.patch: fix integer overflow in Content-Range header parsing in src/http.c - CVE-2026-58470 * SECURITY UPDATE: fix heap buffer overflow in filename charset conversion (convert_fname) in src/url.c - debian/patches/CVE-2026-58471.patch: fix heap buffer overflow in filename charset conversion (convert_fname) in src/url.c - CVE-2026-58471 * SECURITY UPDATE: fix integer/heap buffer overflow in HTML attribute entity encoding (html_quote_string) in src/convert.c - debian/patches/CVE-2026-58472.patch: fix integer/heap buffer overflow in HTML attribute entity encoding (html_quote_string) in src/convert.c - CVE-2026-58472
Updated packages:
  • wget_1.20.1-1.1+tuxcare.els2_amd64.deb
    sha:e8d23296670eb8618b75057f15046e0955527921
Notes:
This page is generated automatically and has not been checked for errors. For clarification or corrections please contact the CloudLinux Packaging Team.