openSUSE Security Update : hylafax+ (openSUSE-2020-1210)

high Nessus Plugin ID 139653

Language:

Synopsis

The remote openSUSE host is missing a security update.

Description

This update for hylafax+ fixes the following issues :

Hylafax was updated to upstream version 7.0.3.

Security issues fixed :

- CVE-2020-15396: Secure temporary directory creation for faxsetup, faxaddmodem, and probemodem (boo#1173521).

- CVE-2020-15397: Sourcing of files into binaries from user writeable directories (boo#1173519).

Non-security issues fixed :

- add UseSSLFax feature in sendfax, sendfax.conf, hyla.conf, and JobControl (31 Jul 2020)

- be more resilient in listening for the Phase C carrier (30 Jul 2020)

- make sure to return to command mode if HDLC receive times out (29 Jul 2020)

- make faxmail ignore boundaries on parts other than multiparts (29 Jul 2020)

- don't attempt to write zero bytes of data to a TIFF (29 Jul 2020)

- don't ever respond to CRP with CRP (28 Jul 2020)

- reset frame counter when a sender retransmits PPS for a previously confirmed ECM block (26 Jul 2020)

- scrutinize PPM before concluding that the sender missed our MCF (23 Jul 2020)

- fix modem recovery after SSL Fax failure (22, 26 Jul 2020)

- ignore echo of PPR, RTN, CRP (10, 13, 21 Jul 2020)

- attempt to handle NSF/CSI/DIS in Class 1 sending Phase D (6 Jul 2020)

- run scripts directly rather than invoking them via a shell for security hardening (3-5 Jul 2020)

- add senderFumblesECM feature (3 Jul 2020)

- add support for PIN/PIP/PRI-Q/PPS-PRI-Q signals, add senderConfusesPIN feature, and utilize PIN for rare conditions where it may be helpful (2, 6, 13-14 Jul 2020)

- add senderConfusesRTN feature (25-26 Jun 2020)

- add MissedPageHandling feature (24 Jun 2020)

- use and handle CFR in Phase D to retransmit Phase C (16, 23 Jun 2020)

- cope with hearing echo of RR, CTC during Class 1 sending (15-17 Jun 2020)

- fix listening for retransmission of MPS/EOP/EOM if it was received corrupt on the first attempt (15 Jun 2020)

- don't use CRP when receiving PPS/PPM as some senders think we are sending MCF (12 Jun 2020)

- add BR_SSLFAX to show SSL Fax in notify and faxinfo output (1 Jun 2020)

- have faxinfo put units on non-standard page dimensions (28 May 2020)

- improve error messages for JobHost connection errors (22 May 2020)

- fix perpetual blocking of jobs when a job preparation fails, attempt to fix similar blocking problems for bad jobs in batches, and add 'unblock' faxconfig feature (21 May 2020)

- ignore TCF if we're receiving an SSL Fax (31 Jan 2020)

- fixes for build on FreeBSD 12.1 (31 Jan - 3 Feb 2020)

Solution

Update the affected hylafax+ packages.

See Also

https://bugzilla.opensuse.org/show_bug.cgi?id=1173519

https://bugzilla.opensuse.org/show_bug.cgi?id=1173521

Plugin Details

Severity: High

ID: 139653

File Name: openSUSE-2020-1210.nasl

Version: 1.3

Type: local

Agent: unix

Published: 8/18/2020

Updated: 2/26/2024

Supported Sensors: Frictionless Assessment AWS, Frictionless Assessment Azure, Frictionless Assessment Agent, Nessus Agent, Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 6.7

CVSS v2

Risk Factor: High

Base Score: 7.2

Temporal Score: 5.6

Vector: CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C

CVSS Score Source: CVE-2020-15397

CVSS v3

Risk Factor: High

Base Score: 7.8

Temporal Score: 7

Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Temporal Vector: CVSS:3.0/E:P/RL:O/RC:C

Vulnerability Information

CPE: p-cpe:/a:novell:opensuse:hylafax%2b, p-cpe:/a:novell:opensuse:hylafax%2b-client, p-cpe:/a:novell:opensuse:hylafax%2b-client-debuginfo, p-cpe:/a:novell:opensuse:hylafax%2b-debuginfo, p-cpe:/a:novell:opensuse:hylafax%2b-debugsource, p-cpe:/a:novell:opensuse:libfaxutil7_0_3, p-cpe:/a:novell:opensuse:libfaxutil7_0_3-debuginfo, cpe:/o:novell:opensuse:15.1

Required KB Items: Host/local_checks_enabled, Host/cpu, Host/SuSE/release, Host/SuSE/rpm-list

Exploit Available: true

Exploit Ease: Exploits are available

Patch Publication Date: 8/14/2020

Vulnerability Publication Date: 6/30/2020

Reference Information

CVE: CVE-2020-15396, CVE-2020-15397