SUSE-SU-2020:3065-1 Security update for sane-backends

This update for sane-backends fixes the following issues: sane-backends was updated to 1.0.31 to further improve hardware enablement for scanner devices jscECO-2418 jscSLE-15561 jscSLE-15560 and also fix various security issues: - CVE-2020-12861,CVE-2020-12865: Fixed an out of bounds write...

DLA-2332-2 sane-backends - regression update

Bulletin has no description...

Updated sane packages fix security vulnerabilities

A heap buffer overflow in SANE Backends before 1.0.30 allows a malicious device connected to the same local network as the victim to execute arbitrary code, aka GHSL-2020-080. CVE-2020-12861 An out-of-bounds read in SANE Backends before 1.0.30 may allow a malicious device connected to the same...

MGASA-2020-0360 Updated sane packages fix security vulnerabilities

A heap buffer overflow in SANE Backends before 1.0.30 allows a malicious device connected to the same local network as the victim to execute arbitrary code, aka GHSL-2020-080. CVE-2020-12861 An out-of-bounds read in SANE Backends before 1.0.30 may allow a malicious device connected to the same...

Ubuntu: Security Advisory (USN-4470-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Ubuntu 16.04 LTS / 18.04 LTS / 20.04 LTS : sane-backends vulnerabilities (USN-4470-1)

The remote Ubuntu 16.04 LTS / 18.04 LTS / 20.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-4470-1 advisory. Kritphong Mongkhonvanit discovered that sane-backends incorrectly handled certain packets. A remote attacker could possibly use...

USN-4470-1: sane-backends vulnerabilities

Kritphong Mongkhonvanit discovered that sane-backends incorrectly handled certain packets. A remote attacker could possibly use this issue to obtain sensitive memory information. This issue only affected Ubuntu 16.04 LTS. CVE-2017-6318 It was discovered that sane-backends incorrectly handled...

Debian: Security Advisory (DLA-2332-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Debian DLA-2332-2 : sane-backends regression update

A regression was introduced in DLA-2332-1, where changes in the Debian package building process triggered a bug in the sane-backends packages, causing missing files. For Debian 9 stretch, this problem has been fixed in version 1.0.25-4.1+deb9u2. We recommend that you upgrade your sane-backends...

DLA-2332-1 sane-backends - security update

Bulletin has no description...

sane-backends: Heap buffer overflow in epsonds_net_read in epsonds-net.c

A flaw was found in sane-backends in versions prior to 1.0.30. A heap buffer overflow in epsondsnetread function could lead to a remote denial of service. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability...

sane-backends: Heap buffer overflow in esci2_img

A flaw was found in sane-backends in versions prior to 1.0.30. A heap buffer overflow in the esci2img function could lead to a remote code execution. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability...

RHEL 8 : sane-backends (RHSA-2020:3045)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2020:3045 advisory. Scanner Access Now Easy SANE is a universal scanner interface. The SANE application programming interface API provides standardized access t...

sane-backends: Heap buffer overflow in esci2_img

A flaw was found in sane-backends in versions prior to 1.0.30. A heap buffer overflow in the esci2img function could lead to a remote code execution. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability...

Important: Red Hat Security Advisory: sane-backends security update

An update for sane-backends is now available for Red Hat Enterprise Linux 8.1 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is availab...

sane-backends: Heap buffer overflow in epsonds_net_read in epsonds-net.c

A flaw was found in sane-backends in versions prior to 1.0.30. A heap buffer overflow in epsondsnetread function could lead to a remote denial of service. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability...

RHEL 8 : sane-backends (RHSA-2020:2967)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2020:2967 advisory. Scanner Access Now Easy SANE is a universal scanner interface. The SANE application programming interface API provides standardized access t...

Oracle Linux 8 : sane-backends (ELSA-2020-2902)

The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2020-2902 advisory. 1.0.27-19.1 - 1852468, 1852467, 1852466, 1852465 - prevent buffer overflow in esci2img - 1852668, 1852667, 1852666, 1852665 - disable autodiscovery for...

sane-backends: Heap buffer overflow in epsonds_net_read in epsonds-net.c

A flaw was found in sane-backends in versions prior to 1.0.30. A heap buffer overflow in epsondsnetread function could lead to a remote denial of service. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability...

sane-backends: Heap buffer overflow in esci2_img

A flaw was found in sane-backends in versions prior to 1.0.30. A heap buffer overflow in the esci2img function could lead to a remote code execution. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability...