Information on source package hylafax

Available versions

ReleaseVersion
jessie3:6.0.6-6
stretch3:6.0.6-7
buster3:6.0.6-8
sid3:6.0.6-8

Resolved issues

BugDescription
CVE-2013-5680Heap-based buffer overflow in hfaxd in HylaFAX+ 5.2.4 through 5.5.3, ...
CVE-2005-3539Multiple eval injection vulnerabilities in HylaFAX 4.2.3 and earlier ...
CVE-2005-3538hfaxd in HylaFAX 4.2.3, when PAM support is disabled, accepts ...
CVE-2005-3070HylaFax 4.2.1 and earlier does not create or verify ownership of the ...
CVE-2005-3069xferfaxstats in HylaFax 4.2.1 and earlier allows local users to ...
CVE-2004-1182hfaxd in HylaFAX before 4.2.1, when installed with a "weak" ...
CVE-2003-0886Format string vulnerability in hfaxd for Hylafax 4.1.7 and earlier ...
CVE-2002-1050Buffer overflow in HylaFAX faxgetty before 4.1.3 allows remote ...
CVE-2002-1049Format string vulnerability in HylaFAX faxgetty before 4.1.3 allows ...
CVE-2001-1034Format string vulnerability in Hylafax on FreeBSD allows local users ...

Security announcements

DSA / DLADescription
DSA-933-1hylafax - arbitrary command execution
DSA-933-1hylafax - arbitrary command execution
DSA-865-1hylafax - insecure temporary files
DSA-865-1hylafax - insecure temporary files
DSA-634-1hylafax - weak hostname and username validation
DSA-401hylafax - format strings
DSA-148hylafax - buffer overflows and format string vulnerabilities

Search for package or bug name: Reporting problems