Hi, > It appears this CVE is against colcrt from util-linux, not the one dereived > from bsd which we use. Ours does not seem to be vulnerable at all: > > michael@feivel:~$ colcrt Downloads/binZ8dhbQ3bFM.bin > colcrt: Invalid or incomplete multibyte or wide character > > The file used is the one from the original bug report. > > Hence, I just close the bug report. Please re-open if I missed anything.
You are completely right, my original report was wrong on bsdmainutils. It is as well already fixed in 2.27 of util-linux (but not present in the built package afaics, but I will double check that now). I do not think you missed anything. Regards, Salvatore
