MGASA-2018-0456

See a problem?
Please try reporting it to the source first.

Source

https://advisories.mageia.org/MGASA-2018-0456.html

Import Source

https://advisories.mageia.org/MGASA-2018-0456.json

JSON Data

https://api.osv.dev/v1/vulns/MGASA-2018-0456

Related

CVE-2018-17141

Published

2018-11-17T22:23:26Z

Modified

2018-11-17T21:58:13Z

Summary

Updated hylafax+ packages fix security vulnerability

Details

Luis Merino, Markus Vervier and Eric Sesterhenn discovered that missing input sanitising in the Hylafax fax software could potentially result in the execution of arbitrary code via a malformed fax message (CVE-2018-17141).

References

Credits

- Mageia - COORDINATOR
- - https://wiki.mageia.org/en/Packages_Security_Team

Affected packages

Mageia:6 / hylafax+

Package

Name: hylafax+
Purl: pkg:rpm/mageia/hylafax+?arch=source&distro=mageia-6

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

+-5.6.1-1.mga6

Ecosystem specific

{
    "section": "core"
}

Database specific

source

"https://advisories.mageia.org/MGASA-2018-0456.json"