|
|
Subscribe / Log in / New account

Debian-LTS alert DLA-460-1 (file)



From:
    	      Markus Koschany <apo@debian.org> 


To:
    	      debian-lts-announce@lists.debian.org 


Subject:
    	      [SECURITY] [DLA 460-1] file security update 


Date:
    	      Sat, 7 May 2016 16:23:47 +0200


Message-ID:
    	      <572DFA73.70506@debian.org>


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Package        : file
Version        : 5.11-2+deb7u9
CVE ID         : CVE-2015-8865


A malformed magic file could trigger a segmentation fault and thus crash
applications due to a buffer over-write in the file_check_mem function.

For Debian 7 "Wheezy", this problem has been fixed in version
5.11-2+deb7u9.

We recommend that you upgrade your file packages.

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2

iQJ8BAEBCgBmBQJXLfpzXxSAAAAAAC4AKGlzc3Vlci1mcHJAbm90YXRpb25zLm9w
ZW5wZ3AuZmlmdGhob3JzZW1hbi5uZXRBQ0YzRDA4OEVGMzJFREVGNkExQTgzNUZE
OUFEMTRCOTUxM0I1MUU0AAoJENmtFLlRO1Hk5EwP/1JOz0S7vfDAR2Fvd4T6z/Qu
kpLuZhMu/I5AYe0W/t4PcEROSKnVZ34SOTYbnd+pwAJNeBYfRfnScZGd3NLnui+/
Km1txkDVPYa6tBN778ki6R+ZBmugWk1VvPTl6LlbQX6o47e/Vh51rDOj1+jpsJZe
Ju+X9rXtbo9gbq1pj9lt2rbtK3xV9rnFS3RdNUXOMKL44asCLwZI+IqBx81O9BUx
r00MS7wyf3ya01uvI2ujAGjKX2ukZqcvmc8ifiN5KBV+v3bJA16/whchWqNsUVYt
OzQE0JSuCZ1Lnu37kdbwW3x6uBflW/N2MNNSZXUquAfeleT37ZViA/hfaZOLDnu+
yjVn+SKWpx3ipYU948r7BPhOTPphbMu8MXvNoLtR9zMYkP4gCnGt1JI3JGenSSJj
zitIVYtBaG0NYVITYpREn0ccTaCMSzfP55wvmI/6vXJghFBDGQfFgRU3CGK/0Xld
WvtqmB93k8k1yGefsq538QgcL12weiGsRybiAQP9BNpNdI3+t4l2YY7fjrkP8GIp
sIJIG+/jz1xEDL1HR6hkZ12hLPtUkKjCw/knBbuUpbbO+uycxg/5EOciu/safnLU
CcgyvBUMCv5cMhUpJkgwAu5Ku7N4U+SQpaV1iszEg0hRAE0F4svwlZMC2yAu8vi8
bm6zA0XZCdTdxGa3hoz8
=j3vf
-----END PGP SIGNATURE-----
to post comments


Copyright © 2025, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds