Gentoo Security Advisory GLSA 200312-07 (lftp)

The remote host is missing updates announced in advisory GLSA 200312-07.
All Gentoo users who have net-ftp/lftp installed should update to use version 2.6.0 or higher using these commands: # emerge sync # emerge -pv '>=net-ftp/lftp-2.6.10' # emerge '>=net-ftp/lftp-2.6.10' # emerge clean
Two buffer overflow problems are found in lftp that, in case the user visits a malicious ftp server, could lead to malicious code being executed.