UbuntuUpdates.org

Package "mgetty-fax"

Name: mgetty-fax

Description:

Faxing tools for mgetty

Latest version: 1.2.1-1
Release: focal (20.04)
Level: base
Repository: universe
Homepage: http://mgetty.greenie.net/

Links


Download "mgetty-fax"


Other versions of "mgetty-fax" in Focal

No other version of this package is available in the Focal release.

Changelog

Version: 1.2.1-1 2020-04-28 21:55:07 UTC

  mgetty (1.2.1-1) unstable; urgency=medium

  * Bump upstream version to 1.2.1, amongst others:
    Harden faxq and faxrunq and others, fixes
    CVE-2018-16745, CVE-2018-16744, CVE-2018-16741, CVE-2018-16743, CVE-2018-16742.
    Closes: #910448

 -- Andreas Barth <email address hidden> Sat, 06 Oct 2018 22:17:07 +0200

910448 Update notification bar pushes content down
CVE-2018-16745 An issue was discovered in mgetty before 1.2.1. In fax_notify_mail() in faxrec.c, the mail_to parameter is not sanitized. It could allow a buffer ove
CVE-2018-16744 An issue was discovered in mgetty before 1.2.1. In fax_notify_mail() in faxrec.c, the mail_to parameter is not sanitized. It could allow for command
CVE-2018-16741 An issue was discovered in mgetty before 1.2.1. In fax/faxq-helper.c, the function do_activate() does not properly sanitize shell metacharacters to p
CVE-2018-16743 An issue was discovered in mgetty before 1.2.1. In contrib/next-login/login.c, the command-line parameter username is passed unsanitized to strcpy(),
CVE-2018-16742 An issue was discovered in mgetty before 1.2.1. In contrib/scrts.c, a stack-based buffer overflow can be triggered via a command-line parameter.



About   -   Send Feedback to @ubuntu_updates