projects / HylaFAX / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: dfc8a6f)
Address CVE-2018-17141 and fixes a few vulnerabilities in code supporting JPEG master
authorPatrice Fournier <patrice.fournier@ifax.com>
Tue, 18 Sep 2018 03:00:53 +0000 (23:00 -0400)
committerPatrice Fournier <patrice.fournier@ifax.com>
Tue, 18 Sep 2018 19:18:50 +0000 (15:18 -0400)
commitc6cac8d8cd0dbe313689ba77023e12bc5b3027be
tree36b679a9ae280490f309e5add5fc9fe8e7e1c89ctree | snapshot
parentdfc8a6ffe5a6031c6df716186681f92dac0d07cbcommit | diff
Address CVE-2018-17141 and fixes a few vulnerabilities in code supporting JPEG

These changes are adapted from Lee's fix for this vulnerability.

Luis Merino, Markus Vervier, and Eric Sesterhenn of X41 D-SEC GmbH
(Security Advisory: X41-2018-008) discovered an uninitialized pointer write
and also an out-of-bounds write in FaxModem::writeECMData() that could lead
to remote code execution with a specially-crafted fax sender.

These changes fix the coding errors and deliberately prevent malicious and
malfunctioning senders from inadvertently or deliberately setting JPEG and
MH/MR/MMR/JBIG formats in the same DCS signal.
faxd/Class2.c++ diff | blob | blame | history
faxd/CopyQuality.c++ diff | blob | blame | history
libhylafax/Class2Params.c++ diff | blob | blame | history
HylaFAX