USN-3965-1: aria2 vulnerability

6 May 2019

aria2 vulnerability

A security issue affects these releases of Ubuntu and its derivatives:

  • Ubuntu 19.04
  • Ubuntu 18.10


aria2 stores authentication information in plain text.

Software Description

  • aria2 - High speed command-line download utility


Dhiraj Mishra discovered that aria2 incorrectly stored authentication information. A local attacker could possibly use this issue to obtain credentials.

Update instructions

The problem can be corrected by updating your system to the following package versions:

Ubuntu 19.04
aria2 - 1.34.0-3ubuntu0.1
libaria2-0 - 1.34.0-3ubuntu0.1
Ubuntu 18.10
aria2 - 1.34.0-2ubuntu0.1
libaria2-0 - 1.34.0-2ubuntu0.1

To update your system, please follow these instructions:

In general, a standard system update will make all the necessary changes.