An issue was discovered in mgetty before 1.2.1. In faxnotifymail() in faxrec.c, the mail_to parameter is not sanitized. It could allow a buffer overflow if long untrusted input can reach it.
{ "availability": "No subscription required", "ubuntu_priority": "low", "binaries": [ { "binary_version": "1.2.1-1", "binary_name": "mgetty" }, { "binary_version": "1.2.1-1", "binary_name": "mgetty-docs" }, { "binary_version": "1.2.1-1", "binary_name": "mgetty-fax" }, { "binary_version": "1.2.1-1", "binary_name": "mgetty-fax-dbgsym" }, { "binary_version": "1.2.1-1", "binary_name": "mgetty-pvftools" }, { "binary_version": "1.2.1-1", "binary_name": "mgetty-pvftools-dbgsym" }, { "binary_version": "1.2.1-1", "binary_name": "mgetty-viewfax" }, { "binary_version": "1.2.1-1", "binary_name": "mgetty-voice" }, { "binary_version": "1.2.1-1", "binary_name": "mgetty-voice-dbgsym" } ] }