Fixed upstream in 0.9.15.
RPM Packages =>
libofx security update CVE-2019-9656 =>
libofx new security issue CVE-2019-9656
Pushed to testing. It can be tested importing an OFX file with Gnucash or Kmymoney. As no ABI was changed, they do not need a rebuild against the updated lib.
A security bug was found in OFX library, upstream version 0.9.15 was released to fix it.
Updated libofx packages fix security vulnerability:
There is a NULL pointer dereference in the function
OFXApplication::startElement in the file lib/ofx_sgml.cpp, as demonstrated by