[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

[SECURITY] [DLA 1515-1] hylafax security update



-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Package        : hylafax
Version        : 3:6.0.6-6+deb8u1
CVE ID         : CVE-2018-17141


Luis Merino, Markus Vervier and Eric Sesterhenn discovered that missing
input sanitising in the Hylafax fax software could potentially result in
the execution of arbitrary code via a malformed fax message.


For Debian 8 "Jessie", this problem has been fixed in version
3:6.0.6-6+deb8u1.

We recommend that you upgrade your hylafax packages.

Further information about Debian LTS security advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://wiki.debian.org/LTS

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.12 (GNU/Linux)

iQJ8BAEBCgBmBQJbprC3XxSAAAAAAC4AKGlzc3Vlci1mcHJAbm90YXRpb25zLm9w
ZW5wZ3AuZmlmdGhob3JzZW1hbi5uZXQ2MjAxRkJGRkRCQkRFMDc4MjJFQUJCOTY5
NkZDQUMwRDM4N0I1ODQ3AAoJEJb8rA04e1hHf5sP/2JwRV24h2dM4j3nmz2vNUej
Mh1ahnlzWLNyIdeI+mV/vpOj9+0WLcuTTnDHrnqq36n+evu8Q71K5Af5bEv4MH+D
TXDOk0xRjb/cXg3/32LbDGDU46INB8dFSEJW5aeZkcOtD6VEKHPlRvL4V9Nu9RnP
dC892oh0TyTR56850czD3530pMvwYhEBd5kWIZinTTswq/mZVdffrdsY4XLvgh41
H5HizWPIqegBxW6BIMFsd9wXmXG4tfEe7Z4eUp2ADG3tBIXezQnA+NUfIr1+0erl
bG+JjARpD443um0JXETIr6ZuQf7Dxqyrcr3SMw2VobXPQujRosOEvPtyf3afqcAA
H5O+8fiLU7kN9FCcW/Zrgpyo0y56ndnSg36MExWosF+KNeH7KwnB0QjFGrpAegwQ
H5hftYRLGnMURDSYkiFACyXI2ESjXyXjpi8w//AgakstcFaGsoBgypnMkwIvzMhD
RHXVVlXp9Z+P8QHCptAF5AC6t8PfzEjyEy9fO272fdlEf/8V3pa0RznNafmNqxTm
Fk1PLKH1lAzeMDdh6saG6azNkhx6FiE8QxlR70mGYrTzkkRiXgm/ebJiYpNvcCqO
REdyvXAgbLfKNRwxXkJaS/B84pqE13UaL6UphWT05aRhNRcrTR4PkEsXiB8i9xuU
WxfJC69YfBGhXy3/269r
=9kEG
-----END PGP SIGNATURE-----


Reply to: