Date: Thu, 27 Aug 1998 22:17:00 +0200 From: Martin Schulze <joey@kuolema.Infodrom.North.DE> To: Debian Security Announcements <debian-security-announce@lists.debian.org> Subject: [SECURITY] New versions of hylafax avoid security problem --OgqxwSJOaUobr8KG Content-Type: text/plain; charset=us-ascii We have received a report that the faxsurvey script that was included in former releases of hylafax would execute arbitrary commands. Please be warned that this package doesn't contain a fix, the offending script is just removed. We recommend you upgrade your hylafax-doc package immediately. dpkg -i file.deb will install the referenced file. Debian GNU/Linux 2.0 alias hamm ------------------------------- This version of Debian were released only for the Intel and the Motorola 68xxx architecture. All architectures: ftp://ftp.debian.org/debian/dists/stable-updates/hylafax-doc_4.0.2-5_all.deb MD5 checksum: 0d44ddfe046ba684080416790ee68c3c These files will be moved into ftp://ftp.debian.org/debian/dists/hamm/binary-$arch/ soon. For other architectures please refer to the appropriate directory ftp://ftp.debian.org/debian/dists/sid/binary-$arch/ . -- Debian GNU/Linux . Security Managers . security@debian.org debian-security-announce@lists.debian.org Christian Hudon <chrish@debian.org> . Martin Schulze <joey@debian.org> --OgqxwSJOaUobr8KG Content-Type: application/pgp-signature -----BEGIN PGP SIGNATURE----- Version: 2.6.3ia iQCVAwUBNeW+uxRNm5Suj3z1AQHoKgP7Bk2b+1I1q1xr71WlKz7R2/MF+n6fGau9 1+i0C5LloaDrKvzgxBtkg7U0qGiZJHAAD4/1w9RhHGwrr/2JN17gjrDwyrVynxFU J4GuAVUoLIsE2ja6/bU5rIiRCjaPTlpD49Qt5j7F72AwdBtiLb/oN1BjSeLDChqK ezoCG9wGYZw= =dgpA -----END PGP SIGNATURE----- --OgqxwSJOaUobr8KG-- -- To UNSUBSCRIBE, email to debian-security-announce-request@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org