Security update for lftp
This update for lftp fixes the following issues:
Security issue fixed:
- CVE-2018-10916: Fixed an improper file name sanitization which could lead to loss of integrity of
the local system (bsc#1103367).
Other issue addressed:
- The SSH login handling code detects password prompts more reliably (bsc#1120946).
This update was imported from the SUSE:SLE-15:Update update project.
-
Submitted by
Peter Simons (psimons)
Fixed bugs
bnc#1120946
lftp: when using sftp not all password prompts are recognized
bnc#1103367
VUL-0: CVE-2018-10916: lftp: particular remote file names may lead to current working directory erased