This is an automatically created tracking bug! It was created to ensure that one or more security vulnerabilities are fixed in all affected branches. For comments that are specific to the vulnerability please use bugs filed against "Security Response" product referenced in "Blocks" field. bug #520454: CVE-2009-3490 wget: incorrect verification of SSL certificate with NUL in name When creating a Bodhi update request, please include the bug IDs of the respective parent bugs filed against the "Security Response" product. Please mention CVE ids in the RPM changelog when available and only close this bug once all affected Fedora versions are fixed. Bodhi update submission link: https://admin.fedoraproject.org/updates/new/?type_=security&bugs=520454
This is to ensure we have this addressed in rawhide and hence is not missed for EL6. F10 / F11 are affected too.
This bug appears to have been reported against 'rawhide' during the Fedora 12 development cycle. Changing version to '12'. More information and reason for this action is here: http://fedoraproject.org/wiki/BugZappers/HouseKeeping
This issue still affects Fedora 12, and hence RHEL6. This needs to be resolved in Fedora 12 to ensure the fix is forward-carried to RHEL6.
wget-1.12-1.fc10, wget-1.12-1.fc11, wget-1.12-1.fc12 have been submitted to Fedora-testing