ncmpc vulnerability
A security issue affects these releases of Ubuntu and its
derivatives:
* Ubuntu 16.04 LTS
Summary
ncmpc could be made to crash if it received a long chat message.
Software Description
* ncmpc - ncurses-based audio player
Details
It was discovered that ncmpc incorrectly handled long chat
messages. A remote attacker could possibly exploit this with a
crafted chat message, causing ncmpc to crash, resulting in a
denial of service. (CVE-2018-9240)
Update instructions
The problem can be corrected by updating your system to the
following package versions:
Ubuntu 16.04 LTS
ncmpc - 0.24-1+deb8u1build0.16.04.1
ncmpc-lyrics - 0.24-1+deb8u1build0.16.04.1
To update your system, please follow these instructions:
https://wiki.ubuntu.com/Security/Upgrades.
After a standard system update you need to restart ncmpc to make
all the necessary changes.
References
* CVE-2018-9240
--- Mystic BBS v1.12 A46 (Linux/64)
* Origin: BZ&BZ BBS (21:4/110)