Errata overview
Errata ID 144
Date 2017-08-23
Source package wget
Fixed in version 1.16-1+deb8u2
This update addresses the following issue:
* CRLF injection vulnerability in the url_parse function in url.c allows
  remote attackers to inject arbitrary HTTP headers via CRLF sequences in the
  host subcomponent of a URL (CVE-2017-6508)
Additional notes
CVE ID CVE-2017-6508
UCS Bug number #45179