Information on source package hylafax

Available versions

ReleaseVersion
buster3:6.0.6-8.1
bullseye3:6.0.7-3.1
bookworm3:6.0.7-5
trixie3:6.0.7-5
sid3:6.0.7-6

Open issues

BugbusterbullseyebookwormtrixiesidDescription
CVE-2020-15396vulnerable (no DSA)fixedfixedfixedfixedIn HylaFAX+ through 7.0.2 and HylaFAX Enterprise, the faxsetup utility ...

Resolved issues

BugDescription
CVE-2020-15397HylaFAX+ through 7.0.2 and HylaFAX Enterprise have scripts that execut ...
CVE-2020-8024A Incorrect Default Permissions vulnerability in the packaging of hyla ...
CVE-2018-17141HylaFAX 6.0.6 and HylaFAX+ 5.6.0 allow remote attackers to execute arb ...
CVE-2013-5680Heap-based buffer overflow in hfaxd in HylaFAX+ 5.2.4 through 5.5.3, w ...
CVE-2005-3539Multiple eval injection vulnerabilities in HylaFAX 4.2.3 and earlier a ...
CVE-2005-3538hfaxd in HylaFAX 4.2.3, when PAM support is disabled, accepts arbitrar ...
CVE-2005-3070HylaFax 4.2.1 and earlier does not create or verify ownership of the U ...
CVE-2005-3069xferfaxstats in HylaFax 4.2.1 and earlier allows local users to overwr ...
CVE-2004-1182hfaxd in HylaFAX before 4.2.1, when installed with a "weak" hosts.hfax ...
CVE-2003-0886Format string vulnerability in hfaxd for Hylafax 4.1.7 and earlier all ...
CVE-2002-1050Buffer overflow in HylaFAX faxgetty before 4.1.3 allows remote attacke ...
CVE-2002-1049Format string vulnerability in HylaFAX faxgetty before 4.1.3 allows re ...
CVE-2001-1034Format string vulnerability in Hylafax on FreeBSD allows local users t ...

Security announcements

DSA / DLADescription
DLA-1515-1hylafax - security update
DSA-4298-1hylafax - security update
DSA-933-1hylafax - arbitrary command execution
DSA-865-1hylafax - insecure temporary files
DSA-634-1hylafax - weak hostname and username validation
DSA-401hylafax - format strings
DSA-148hylafax - buffer overflows and format string vulnerabilities

Search for package or bug name: Reporting problems