Update Info


Security update for hylafax+

Type: security
Severity: critical
Issued: 2019-03-23
This update for hylafax+ fixes the following issues:

Security issues fixed in 5.6.1:

- CVE-2018-17141: multiple vulnerabilities affecting fax page reception in JPEG format
  Specially crafted input may have allowed remote execution of arbitrary code (boo#1109084)

Additionally, this update also contains all upstream corrections and bugfixes in the 5.6.1 version, including:

- fix RFC2047 encoding by notify
- add jobcontrol PageSize feature
- don't wait forever after +FRH:3
- fix faxmail transition between a message and external types
- avoid pagehandling from introducing some unnecessary EOM signals
- improve proxy connection error handling and logging
- add initial ModemGroup limits feature
- pass the user's uid onto the session log file for sent faxes
- improve job waits to minimize triggers
- add ProxyTaglineFormat and ProxyTSI features



  • hylafax+-5.6.1-bp150.4.3.1