Ubuntu Security Notice 3731-2 - USN-3731-1 fixed a vulnerability in LFTP. This update provides the corresponding update for Ubuntu 12.04 ESM. It was discovered that LFTP incorrectly handled certain files. An attacker could possibly use this issue to cause a denial of service. Various other issues were also addressed.
16dfc966b49a1cabdf76c88db0a1e1293d42925b027c434566289bd416c5f170
==========================================================================
Ubuntu Security Notice USN-3731-2
August 06, 2018
lftp vulnerability
==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 12.04 ESM
Summary:
LFTP could be made to crash if it received specially crafted file.
Software Description:
- lftp: Sophisticated command-line FTP/HTTP client programs
Details:
USN-3731-1 fixed a vulnerability in LFTP. This update provides
the corresponding update for Ubuntu 12.04 ESM.
Original advisory details:
It was discovered that LFTP incorrectly handled certain files.
An attacker could possibly use this issue to cause a denial of
service.
Update instructions:
The problem can be corrected by updating your system to the following
package versions:
Ubuntu 12.04 ESM:
lftp 4.3.3-1ubuntu0.1
In general, a standard system update will make all the necessary
changes.
References:
https://usn.ubuntu.com/usn/usn-3731-2
https://usn.ubuntu.com/usn/usn-3731-1
CVE-2018-10916