This bug was fixed in the package libu2f-host - 1.1.6-1ubuntu0.1
--------------- libu2f-host (1.1.6-1ubuntu0.1) cosmic-security; urgency=medium
* SECURITY UPDATE: buffer overflow when handling response from device (LP: #1814153) - debian/patches//0002-CVE-2018-20340.patch: check to ensure response size is within offered buffer size. - CVE-2018-20340
-- Steve Beattie <email address hidden> Tue, 05 Feb 2019 11:31:23 -0800
This bug was fixed in the package libu2f-host - 1.1.6-1ubuntu0.1
---------------
libu2f-host (1.1.6-1ubuntu0.1) cosmic-security; urgency=medium
* SECURITY UPDATE: buffer overflow when handling response from device patches/ /0002-CVE- 2018-20340. patch: check to ensure
(LP: #1814153)
- debian/
response size is within offered buffer size.
- CVE-2018-20340
-- Steve Beattie <email address hidden> Tue, 05 Feb 2019 11:31:23 -0800