Bug#901967: CVE-2018-11723 is fixed in libpff 20180714.

Fri, 09 Nov 2018 21:12:36 -0800 

The actual bug heap-buffer-overflow beneeth the
CVE-2018-11723 is described in the Issue #64 [1]
in the upstream bugtracker.

The bug is fixed in the version 20180714 by commit [2].

See also libpff author comments [3] on this CVE-2018-11723.

  [1] https://github.com/libyal/libpff/issues/64
  [2]
https://github.com/libyal/libpff/commit/7b92bcace7e743cc9417e3cc3e4eee29abb70cf5
  [3] https://github.com/libyal/libpff/issues/66

Reply via email to