Security update for wget2 SUSE Patch security@suse.de SUSE Security Team openSUSE-SU-2026:20038-1 Final 1 1 2026-01-14T13:23:53Z current 2026-01-14T13:23:53Z 2026-01-14T13:23:53Z cve-database/bin/generate-cvrf.pl 2017-02-24T01:00:00Z Security update for wget2 This update for wget2 fixes the following issues: Changes in wget2: - Update to release 2.2.1 * Fix file overwrite issue with metalink [CVE-2025-69194 bsc#1255728] * Fix remote buffer overflow in get_local_filename_real() [CVE-2025-69195 bsc#1255729] * Fix a redirect/mirror regression from 400713ca * Use the local system timestamp when requested via --no-use-server-timestamps * Prevent file truncation with --no-clobber * Improve messages about why URLs are not being followed * Fix metalink with -O/--output-document * Fix sorting of metalink mirrors by priority * Add --show-progress to improve backwards compatibility to wget * Fix buffer overflow in wget_iri_clone() after wget_iri_set_scheme() * Allow 'no_' prefix in config options * Use libnghttp2 for HTTP/2 testing * Set exit status to 8 on 403 response code * Fix convert-links * Fix --server-response for HTTP/1.1 - Update to release 2.2.0 * Don't truncate file when -c and -O are combined * Don't log URI userinfo to logs * Fix downloading multiple files via HTTP/2 * Support connecting with HTTP/1.0 proxies * Ignore 1xx HTTP responses for HTTP/1.1 * Disable TCP Fast Open by default * Fix segfault when OCSP response is missing * Add libproxy support The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). openSUSE-Leap-16.0-packagehub-70 Copyright SUSE LLC under the Creative Commons License 4.0 with Attribution (CC-BY-4.0) https://www.suse.com/support/security/rating/ SUSE Security Ratings https://bugzilla.suse.com/1255728 SUSE Bug 1255728 https://bugzilla.suse.com/1255729 SUSE Bug 1255729 https://www.suse.com/security/cve/CVE-2025-69194/ SUSE CVE CVE-2025-69194 page https://www.suse.com/security/cve/CVE-2025-69195/ SUSE CVE CVE-2025-69195 page openSUSE Leap 16.0 libwget4-2.2.1-bp160.1.1 wget2-2.2.1-bp160.1.1 wget2-devel-2.2.1-bp160.1.1 libwget4-2.2.1-bp160.1.1 as a component of openSUSE Leap 16.0 wget2-2.2.1-bp160.1.1 as a component of openSUSE Leap 16.0 wget2-devel-2.2.1-bp160.1.1 as a component of openSUSE Leap 16.0 A security issue was discovered in GNU Wget2 when handling Metalink documents. The application fails to properly validate file paths provided in Metalink <file name> elements. An attacker can abuse this behavior to write files to unintended locations on the system. This can lead to data loss or potentially allow further compromise of the user's environment. CVE-2025-69194 openSUSE Leap 16.0:libwget4-2.2.1-bp160.1.1 openSUSE Leap 16.0:wget2-2.2.1-bp160.1.1 openSUSE Leap 16.0:wget2-devel-2.2.1-bp160.1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2025-69194.html CVE-2025-69194 https://bugzilla.suse.com/1255728 SUSE Bug 1255728 A flaw was found in GNU Wget2. This vulnerability, a stack-based buffer overflow, occurs in the filename sanitization logic when processing attacker-controlled URL paths, particularly when filename restriction options are active. A remote attacker can exploit this by providing a specially crafted URL, which, upon user interaction with wget2, can lead to memory corruption. This can cause the application to crash and potentially allow for further malicious activities. CVE-2025-69195 openSUSE Leap 16.0:libwget4-2.2.1-bp160.1.1 openSUSE Leap 16.0:wget2-2.2.1-bp160.1.1 openSUSE Leap 16.0:wget2-devel-2.2.1-bp160.1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2025-69195.html CVE-2025-69195 https://bugzilla.suse.com/1255729 SUSE Bug 1255729