This update for libofx fixes the following issues:
The following security vulnerabilities have been addressed:
CVE-2017-2920: Fixed an exploitable buffer overflow in the tag parsing
functionality, which could result in an out of bounds write and could be
triggered via a specially crafted OFX file (boo#1061964)
CVE-2017-2816: Fixed another buffer overflow in the tag parsing
functionality, which could result in an stack overflow and could be
triggered via a specially crafted OFX file (boo#1058673)
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
openSUSE Leap | 42.3 | x86_64 | libofx6 | < 0.9.10-7.3.1 | libofx6-0.9.10-7.3.1.x86_64.rpm |
openSUSE Leap | 42.3 | i586 | libofx | < 0.9.10-7.3.1 | libofx-0.9.10-7.3.1.i586.rpm |
openSUSE Leap | 42.3 | x86_64 | libofx | < 0.9.10-7.3.1 | libofx-0.9.10-7.3.1.x86_64.rpm |
openSUSE Leap | 42.3 | i586 | libofx-debuginfo | < 0.9.10-7.3.1 | libofx-debuginfo-0.9.10-7.3.1.i586.rpm |
openSUSE Leap | 42.3 | i586 | libofx-devel | < 0.9.10-7.3.1 | libofx-devel-0.9.10-7.3.1.i586.rpm |
openSUSE Leap | 42.3 | x86_64 | libofx-devel | < 0.9.10-7.3.1 | libofx-devel-0.9.10-7.3.1.x86_64.rpm |
openSUSE Leap | 42.3 | x86_64 | libofx-debuginfo | < 0.9.10-7.3.1 | libofx-debuginfo-0.9.10-7.3.1.x86_64.rpm |
openSUSE Leap | 42.3 | i586 | libofx-debugsource | < 0.9.10-7.3.1 | libofx-debugsource-0.9.10-7.3.1.i586.rpm |
openSUSE Leap | 42.3 | i586 | libofx6-debuginfo | < 0.9.10-7.3.1 | libofx6-debuginfo-0.9.10-7.3.1.i586.rpm |
openSUSE Leap | 42.3 | x86_64 | libofx-debugsource | < 0.9.10-7.3.1 | libofx-debugsource-0.9.10-7.3.1.x86_64.rpm |