Tags: upstream security
the following vulnerability was published for libofx.
| An exploitable buffer overflow vulnerability exists in the tag parsing
| functionality of LibOFX 0.9.11. A specially crafted OFX file can cause
| a write out of bounds resulting in a buffer overflow on the stack. An
| attacker can construct a malicious OFX file to trigger this
If you fix the vulnerability please also make sure to include the
CVE (Common Vulnerabilities & Exposures) id in your changelog entry.
For further information see:
Please adjust the affected versions in the BTS as needed.