COMMAND

    wget

SYSTEMS AFFECTED

    wget-1.5.3

PROBLEM

    Const  Kaplinsky  found  following.    It  seems  to  be  bug   in
    wget-1.5.3.   When  invoked  with  -N  option,  it  tries to chmod
    downloaded  symlinks,  but  actually  permissions  are  changed at
    target files.  This is  very dangerous, because after that  we can
    occasionally make some of  our files world-writable (symlinks  are
    usually report  0777 mode).   It is  especially dangerous  when we
    are downloading symlinks with absolute paths to the target files.

SOLUTION

    Its  quite  unnecessary  to  chmod  symlinks  at  all, and in this
    case the bugfix is simple:

        -      if (f->perms && dlthis)
        +      if (f->perms && f->type == FT_PLAINFILE && dlthis)