diff -Nru wget-1.17.1/debian/changelog wget-1.17.1/debian/changelog
--- wget-1.17.1/debian/changelog 2016-06-14 15:37:45.000000000 +0800
+++ wget-1.17.1/debian/changelog 2017-02-24 14:36:20.000000000 +0800
@@ -1,3 +1,10 @@
+wget (1.17.1-1ubuntu1.2) xenial-proposed; urgency=medium
+
+ * debian/patches/Sanitize-value-sent-to-memset-to-prevent-SEGFAULT.patch
+ upstream commited 7099f489 patch to fix segmentation fault (LP: 1573307)
+
+ -- Chen-Han Hsiao (Stanley) Fri, 24 Feb 2017 14:22:26 +0800
+
 wget (1.17.1-1ubuntu1.1) xenial-security; urgency=medium

 * SECURITY UPDATE: http to ftp redirect spoofed filenames
diff -Nru wget-1.17.1/debian/patches/Sanitize-value-sent-to-memset-to-prevent-SEGFAULT.patch wget-1.17.1/debian/patches/Sanitize-value-sent-to-memset-to-prevent-SEGFAULT.patch
--- wget-1.17.1/debian/patches/Sanitize-value-sent-to-memset-to-prevent-SEGFAULT.patch 1970-01-01 08:00:00.000000000 +0800
+++ wget-1.17.1/debian/patches/Sanitize-value-sent-to-memset-to-prevent-SEGFAULT.patch 2017-02-24 11:27:22.000000000 +0800
@@ -0,0 +1,35 @@
+From 7099f4899880eaefc2c40a3dc7693ab4174a819b Mon Sep 17 00:00:00 2001
+From: Darshit Shah
+Date: Mon, 22 Feb 2016 15:08:15 +0100
+Subject: [PATCH] Sanitize value sent to memset to prevent SEGFAULT
+
+---
+ src/progress.c | 5 +++++
+ 1 file changed, 5 insertions(+)
+
+diff --git a/src/progress.c b/src/progress.c
+index 93f6246..8a5df21 100644
+--- a/src/progress.c
++++ b/src/progress.c
+@@ -1164,6 +1164,8 @@ create_image (struct bar_progress *bp, double dl_total_time, bool done)
+ }
+
+ padding = bp->width - count_cols (bp->buffer);
++ assert (padding > 0 && "Padding length became non-positive!");
++ padding = padding > 0 ? padding : 0;
+ memset (p, ' ', padding);
+ p += padding;
+ *p = '\0';
+@@ -1174,6 +1176,9 @@ create_image (struct bar_progress *bp, double dl_total_time, bool done)
+ * from the release code since we do not want Wget to crash and burn when the
+ * assertion fails. Instead Wget should continue downloading and display a
+ * horrible and irritating progress bar that spams the screen with newlines.
++ *
++ * By default, all assertions are disabled in a Wget build and are enabled
++ * only with the --enable-assert configure option.
+ */
+ assert (count_cols (bp->buffer) == bp->width);
+ }
+--
+2.7.4
+
diff -Nru wget-1.17.1/debian/patches/series wget-1.17.1/debian/patches/series
--- wget-1.17.1/debian/patches/series 2016-06-14 15:35:21.000000000 +0800
+++ wget-1.17.1/debian/patches/series 2017-02-24 11:28:04.000000000 +0800
@@ -3,3 +3,4 @@
 wget-passive_ftp-default
 wget-doc-CRLs.patch
 CVE-2016-4971.patch
+Sanitize-value-sent-to-memset-to-prevent-SEGFAULT.patch
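Review bot: In the first `create_image` hunk of the embedded src/progress.c patch, the added `assert (padding > 0 && ...)` also fires when `padding` is exactly 0, although the clamp on the next line and the existing `assert (count_cols (bp->buffer) == bp->width)` both treat a buffer that already fills the width as a valid state, so an `--enable-assert` build would abort on an exact fit. Only a negative value is dangerous here, since it would presumably be converted to a very large length when passed to `memset`; I would write `assert (padding >= 0 && "Padding length became negative!");` and keep the clamp. The clamp bounds the length only from below: whether `p + padding` stays inside `bp->buffer`, and whether the earlier writes that let `count_cols` exceed `bp->width` stayed in bounds, depends on code outside the hunk and should be confirmed, as `create_image` starts outside both hunks.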