========================================================================== Ubuntu Security Notice USN-4523-1 September 21, 2020
libofx vulnerability ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 16.04 LTS Summary: LibOFX could be made to crash. Software Description: - libofx: client-side implementation of Open Financial Exchange specification Details: It was discovered that LibOFX did not properly check for errors in certain situations, leading to a NULL pointer dereference. A remote attacker could use this issue to cause a denial of service attack. (CVE-2019-9656) Update instructions: The problem can be corrected by updating your system to the following package versions: Ubuntu 16.04 LTS: libofx-dev 1:0.9.10-1+deb8u2build0.16.04.1 libofx6 1:0.9.10-1+deb8u2build0.16.04.1 ofx 1:0.9.10-1+deb8u2build0.16.04.1 In general, a standard system update will make all the necessary changes. References: https://usn.ubuntu.com/4523-1 CVE-2019-9656 Package Information: https://launchpad.net/ubuntu/+source/libofx/1:0.9.10-1+deb8u2build0.16.04.1
signature.asc
Description: OpenPGP digital signature
-- ubuntu-security-announce mailing list [email protected] Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-security-announce
