Comment 17 for bug 1666884

Oliver Giles (ohw-giles) wrote :

Apologies for the late reply, I neglected to enable notifications...

No, I just meant that the unpatched Trusty package isn't safe just because it doesn't contain ytnef/ytnefprint binaries. You have it right, the single patch you mention will be enough to address CVE-2017-9058. It should replace this patch[1]. That will at least restore correct behaviour to the library.

However, this bug report mentions several vulnerabilities, and the patch only covers CVE-2017-9058. As you can see on the github releases page[2], there have been many CVEs addressed in the past few releases. I don't know how feasible this is, but if possible I highly recommend upgrading to 1.9.3.

[1] https://sources.debian.org/patches/libytnef/1.9.2-2/CVE-2017-9058.patch/
[2] https://github.com/Yeraze/ytnef/releases