hylafax+-7.0.3-5.1 on GA media SUSE Patch security@suse.de SUSE Security Team openSUSE-SU-2024:10852-1 Final 1 1 2024-06-15T00:00:00Z current 2024-06-15T00:00:00Z 2024-06-15T00:00:00Z cve-database/bin/generate-cvrf.pl 2017-02-24T01:00:00Z hylafax+-7.0.3-5.1 on GA media These are all security issues fixed in the hylafax+-7.0.3-5.1 package on the GA media of openSUSE Tumbleweed. The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). openSUSE-Tumbleweed-2024-10852 Copyright SUSE LLC under the Creative Commons License 4.0 with Attribution (CC-BY-4.0) https://www.suse.com/support/security/rating/ SUSE Security Ratings https://www.suse.com/security/cve/CVE-2018-17141/ SUSE CVE CVE-2018-17141 page https://www.suse.com/security/cve/CVE-2020-15396/ SUSE CVE CVE-2020-15396 page https://www.suse.com/security/cve/CVE-2020-15397/ SUSE CVE CVE-2020-15397 page https://www.suse.com/security/cve/CVE-2020-8024/ SUSE CVE CVE-2020-8024 page openSUSE Tumbleweed hylafax+-7.0.3-5.1 hylafax+-client-7.0.3-5.1 libfaxutil7_0_3-7.0.3-5.1 hylafax+-7.0.3-5.1 as a component of openSUSE Tumbleweed hylafax+-client-7.0.3-5.1 as a component of openSUSE Tumbleweed libfaxutil7_0_3-7.0.3-5.1 as a component of openSUSE Tumbleweed HylaFAX 6.0.6 and HylaFAX+ 5.6.0 allow remote attackers to execute arbitrary code via a dial-in session that provides a FAX page with the JPEG bit enabled, which is mishandled in FaxModem::writeECMData() in the faxd/CopyQuality.c++ file. CVE-2018-17141 openSUSE Tumbleweed:hylafax+-7.0.3-5.1 openSUSE Tumbleweed:hylafax+-client-7.0.3-5.1 openSUSE Tumbleweed:libfaxutil7_0_3-7.0.3-5.1 moderate 7.5 AV:N/AC:L/Au:N/C:P/I:P/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2018-17141.html CVE-2018-17141 https://bugzilla.suse.com/1109084 SUSE Bug 1109084 In HylaFAX+ through 7.0.2 and HylaFAX Enterprise, the faxsetup utility calls chown on files in user-owned directories. By winning a race, a local attacker could use this to escalate his privileges to root. CVE-2020-15396 openSUSE Tumbleweed:hylafax+-7.0.3-5.1 openSUSE Tumbleweed:hylafax+-client-7.0.3-5.1 openSUSE Tumbleweed:libfaxutil7_0_3-7.0.3-5.1 important 7.2 AV:L/AC:L/Au:N/C:C/I:C/A:C To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2020-15396.html CVE-2020-15396 https://bugzilla.suse.com/1173521 SUSE Bug 1173521 HylaFAX+ through 7.0.2 and HylaFAX Enterprise have scripts that execute binaries from directories writable by unprivileged users (e.g., locations under /var/spool/hylafax that are writable by the uucp account). This allows these users to execute code in the context of the user calling these binaries (often root). CVE-2020-15397 openSUSE Tumbleweed:hylafax+-7.0.3-5.1 openSUSE Tumbleweed:hylafax+-client-7.0.3-5.1 openSUSE Tumbleweed:libfaxutil7_0_3-7.0.3-5.1 important 7.2 AV:L/AC:L/Au:N/C:C/I:C/A:C To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2020-15397.html CVE-2020-15397 https://bugzilla.suse.com/1173519 SUSE Bug 1173519 A Incorrect Default Permissions vulnerability in the packaging of hylafax+ of openSUSE Leap 15.2, openSUSE Leap 15.1, openSUSE Factory allows local attackers to escalate from user uucp to users calling hylafax binaries. This issue affects: openSUSE Leap 15.2 hylafax+ versions prior to 7.0.2-lp152.2.1. openSUSE Leap 15.1 hylafax+ version 5.6.1-lp151.3.7 and prior versions. openSUSE Factory hylafax+ versions prior to 7.0.2-2.1. CVE-2020-8024 openSUSE Tumbleweed:hylafax+-7.0.3-5.1 openSUSE Tumbleweed:hylafax+-client-7.0.3-5.1 openSUSE Tumbleweed:libfaxutil7_0_3-7.0.3-5.1 moderate 6.8 AV:N/AC:M/Au:N/C:P/I:P/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2020-8024.html CVE-2020-8024 https://bugzilla.suse.com/1172731 SUSE Bug 1172731