GNU Wget is a free software package for retrieving files using HTTP, HTTPS and FTP, the most widely-used Internet protocols.
A vulnerability was discovered in GNU Wget’s file_metadata in xattr.c.
A local attacker could obtain sensitive information to include credentials.
There is no known workaround at this time.
All GNU Wget users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose ">=net-misc/wget-1.20.1"