Your message dated Tue, 25 Sep 2018 07:05:32 +0000 with message-id <e1g4hpy-000fw7...@fasolo.debian.org> and subject line Bug#909161: fixed in hylafax 3:6.0.6-8.1 has caused the Debian Bug report #909161, regarding hylafax: CVE-2018-17141 to be marked as done.
This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 909161: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=909161 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
--- Begin Message ---Source: hylafax Version: 3:6.0.6-1 Severity: grave Tags: patch security upstream Control: fixed -1 3:6.0.6-7+deb9u1 Hi, The following vulnerability was published for hylafax: CVE-2018-17141[0]. Fix commited as [1]. If you fix the vulnerability please also make sure to include the CVE (Common Vulnerabilities & Exposures) id in your changelog entry. For further information see: [0] https://security-tracker.debian.org/tracker/CVE-2018-17141 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-17141 [1] http://git.hylafax.org/HylaFAX?a=commit;h=82fa7bdbffc253de4d3e80a87d47fdbf68eabe36 Regards, Salvatore
--- End Message ---
--- Begin Message ---Source: hylafax Source-Version: 3:6.0.6-8.1 We believe that the bug you reported is fixed in the latest version of hylafax, which is due to be installed in the Debian FTP archive. A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to 909...@bugs.debian.org, and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. Salvatore Bonaccorso <car...@debian.org> (supplier of updated hylafax package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing ftpmas...@ftp-master.debian.org) -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 1.8 Date: Sun, 23 Sep 2018 08:11:23 +0200 Source: hylafax Binary: hylafax-server hylafax-client hylafax-server-dbg hylafax-client-dbg Architecture: source Version: 3:6.0.6-8.1 Distribution: unstable Urgency: high Maintainer: Giuseppe Sacco <eppes...@debian.org> Changed-By: Salvatore Bonaccorso <car...@debian.org> Closes: 909161 Description: hylafax-client - Flexible client/server fax software - client utilities hylafax-client-dbg - Flexible client/server fax software - client utilities hylafax-server - Flexible client/server fax software - server daemons hylafax-server-dbg - Debug symbols for the hylafax server Changes: hylafax (3:6.0.6-8.1) unstable; urgency=high . * Non-maintainer upload. * A remote attacker can write to an unitialized pointer during a FAX reception session in Hylafax (CVE-2018-17141) (Closes: #909161) Checksums-Sha1: 3f32ca346b137d0639ad2d3171a0e06f14d19ad4 2281 hylafax_6.0.6-8.1.dsc 8fe48b806978ec51f5f844c7b677ba34fc08750d 68252 hylafax_6.0.6-8.1.debian.tar.xz Checksums-Sha256: a3f48a16c110595fa903cf88a1c389f12bd1774b1d377bdd2c4509ae77571128 2281 hylafax_6.0.6-8.1.dsc 4a5b4ad59bb0e43e38fa613fd6a1ae465380c34b0d70734063b8b8040f6332d6 68252 hylafax_6.0.6-8.1.debian.tar.xz Files: 4c56f3b78bc97260ed95cc53d27b4ac8 2281 comm extra hylafax_6.0.6-8.1.dsc 17abf77ce99e83500effbf9ee1e40b58 68252 comm extra hylafax_6.0.6-8.1.debian.tar.xz -----BEGIN PGP SIGNATURE----- iQKmBAEBCgCQFiEERkRAmAjBceBVMd3uBUy48xNDz0QFAlunMOhfFIAAAAAALgAo aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDQ2 NDQ0MDk4MDhDMTcxRTA1NTMxRERFRTA1NENCOEYzMTM0M0NGNDQSHGNhcm5pbEBk ZWJpYW4ub3JnAAoJEAVMuPMTQ89EG2UP/0YKX/qwUSBkTbvoK/mpjnH5y654HMbp qTbGwGZGOZ/2tuQ6WZBBi/xR/jPFlx9RSQKpxBaGknAbOhkTzHDw+qY9R+RIDguY jBvbbNir1ZcgzqKfcKmOh8fHmEaiHKnkiFLLwXI8EOVolUTTADrPnAOh+eXjp2Ff dIwCeGr2WYYRvzO7xW6nHZKQgXkfZ6fw7y+QnTmIDqoCGqVnrCag+RtpPHpH+S4L 1LWLITCFIiKP+okg4sD2j1hOUeLOZtjc3F0UYQg+QTl3IHrufKQoV4b9Qn2eVq6C 0Q7ZrKRaWjDJbzmjLo1QeFOrar6+6ftVpZBKyS38Wvad9LVVNaWGB5bCXQS+xE7m MOiMNlQjzKgaer/YED+MzyrKMxbibJLK5C5SDx0aIiy3+3K9PESQPCh/TR0cZrXD 0PdME6tTdgiE09CS/PT3ix3/NBENI2YNBwl15WrwLYmgJJTe7viyieukP5dhvG92 QR7RxbxfDROu3FvEaFMHiA/r7ozfYY8n8IJSs/YTRuoNM//w92pEtRTtGuHP4FrG gTPCnF8wAjUesG2nW+fX4NZ4vtgWY2TKBa3ltpw1UaHIt5h6DJXOkCIQYIuW8tSl 1rSrF8R4Z5RD6YVebPkaOKMHdzdL1Ubtg5HVDDZ1KBfKAdXPJGEpLAdgYkgDrvTg 2bf5ydDpwddY =n/oR -----END PGP SIGNATURE-----
--- End Message ---
