Security update for hylafax+ (critical)

ID OPENSUSE-SU-2018:2797-2
Type suse
Reporter Suse
Modified 2018-09-22T09:29:24


This update for hylafax+ fixes the following issues:

Security issues fixed in 5.6.1:

  • CVE-2018-17141: multiple vulnerabilities affecting fax page reception in JPEG format Specially crafted input may have allowed remote execution of arbitrary code (boo#1109084)

Additionally, this update also contains all upstream corrections and bugfixes in the 5.6.1 version, including:

  • fix RFC2047 encoding by notify
  • add jobcontrol PageSize feature
  • don't wait forever after +FRH:3
  • fix faxmail transition between a message and external types
  • avoid pagehandling from introducing some unnecessary EOM signals
  • improve proxy connection error handling and logging
  • add initial ModemGroup limits feature
  • pass the user's uid onto the session log file for sent faxes
  • improve job waits to minimize triggers
  • add ProxyTaglineFormat and ProxyTSI features