CVE-2019-3500 (https://nvd.nist.gov/vuln/detail/CVE-2019-3500): aria2c in aria2 1.33.1, when --log is used, can store an HTTP Basic Authentication username and password in a file, which might allow local users to obtain sensitive information by reading this file. Upstream issue: https://github.com/aria2/aria2/issues/1329 Upstream patch: https://github.com/aria2/aria2/commit/37368130ca7de5491a75fd18a20c5c5cc641824a References: https://seclists.org/oss-sec/2019/q1/13
*** This bug has been marked as a duplicate of bug 674622 ***