>Number:         14962
>Category:       pkg
>Synopsis:       bad option for wget in  download-vulnerability-list
>Confidential:   no
>Severity:       critical
>Priority:       high
>Responsible:    pkg-manager
>State:          open
>Class:          sw-bug
>Submitter-Id:   net
>Arrival-Date:   Sun Dec 16 03:54:00 PST 2001
>Closed-Date:
>Last-Modified:
>Originator:     Wojciech Puchar
>Release:        1.5.2
>Organization:
TENSOR ap
>Environment:
NetBSD chylonia.3miasto.net 1.5.2 NetBSD 1.5.2 (local) #17: Fri Dec  7 23:54:54 CET 2001     root@chylonia.3miasto.net:/usr/src/sys/arch/i386/compile/local i386

>Description:
this script uses wget -o instead of wget -O so transfer log instead of
data goes to /usr/pkg/distfiles/vulnerabilities
so script is completely unusable
>How-To-Repeat:
use the script	
>Fix:
replace -o with -O in wget options

in /usr/src/pkgsrc/security/audit-packages/files/download-vulnerability-list   
and make update
>Release-Note:
>Audit-Trail:
>Unformatted: