-
hylafax (3:6.0.7-5build1) lunar; urgency=medium
* Rebuild against latest tiff
-- Jeremy Bicha <email address hidden> Sat, 04 Feb 2023 21:38:52 -0500
-
hylafax (3:6.0.7-5) unstable; urgency=medium
* Include patches for a lot of typos in source code and documentation,
thanks to Friedhelm Mehnert.
* Fixed a syntax error in /usr/lib/hylafax/bin/faxaddmodem.
* Added a dependency for default-mta, as suggested by lintian.
* Reworked hylafax-server postinst in order to use deb-systemd-helper.
* Raised debhelper compat version from 9 to 11.
* Raised debian policy compliance to 4.6.2 without any change required.
-- Giuseppe Sacco <email address hidden> Wed, 18 Jan 2023 00:30:51 +0100
-
hylafax (3:6.0.7-4) unstable; urgency=medium
* Bug fix: "FTBFS with TIFF 4.5+", thanks to László Böszörményi
(Closes: #1027681)
-- Giuseppe Sacco <email address hidden> Sun, 08 Jan 2023 16:05:41 +0100
-
hylafax (3:6.0.7-3.1) unstable; urgency=medium
* NMU
* Bug fix: "FTBFS: Incompatible TIFF Library.", thanks to Lucas Nussbaum
(Closes: #978220).
* Bug fix: "CVE-2020-15397 CVE-2020-15396", thanks to Moritz Muehlenhoff
(Closes: #964198):
- The faxsetup utility
calls chown on files in user-owned directories.
By winning a race, a local attacker could use
this to escalate his privileges to root.
- Scripts that execute binaries from directories
writable by unprivileged users (e.g., locations under
/var/spool/hylafax that are
writable by the uucp account). This allows these users to
execute code in the context of the user calling these binaries
(often root).
-- Bastien Roucariès <email address hidden> Wed, 13 Jan 2021 13:00:13 +0000
