file 1:5.14-2ubuntu3.4 source package in Ubuntu

Changelog

file (1:5.14-2ubuntu3.4) trusty-security; urgency=medium

  * SECURITY UPDATE: denial of service via large number of notes or long
    string
    - debian/patches/CVE-2014-962x-pre*.patch: backport pre-requisite code
      changes.
    - debian/patches/CVE-2014-962x-1.patch: add a limit to the number of
      ELF notes processed in doc/file.man, doc/libmagic.man,
      src/apprentice.c, src/elfclass.h, src/file.c, src/file.h,
      src/file_opts.h, src/magic.c, src/magic.h.in, src/readelf.c.
    - debian/patches/CVE-2014-962x-2.patch: limit string printing to 100
      chars, and add flags in src/readelf.c.
    - CVE-2014-9620
    - CVE-2014-9621
  * SECURITY UPDATE: denial of service via crafted ELF file
    - debian/patches/CVE-2014-9653.patch: bail out on partial reads in
      src/readelf.c.
    - CVE-2014-9653
  * SECURITY UPDATE: memory corruption in file_check_mem.
    - debian/patches/CVE-2015-8865.patch: properly calculate length in
      src/funcs.c.
    - CVE-2015-8865
  * SECURITY UPDATE: out-of-bounds read via crafted ELF file
    - debian/patches/CVE-2018-10360.patch: add bounds check to
      src/readelf.c.
    - CVE-2018-10360

 -- Marc Deslauriers <email address hidden>  Wed, 13 Jun 2018 14:45:30 -0400

Upload details

Uploaded by:
Marc Deslauriers on 2018-06-13
Uploaded to:
Trusty
Original maintainer:
Ubuntu Developers
Architectures:
any all
Section:
utils
Urgency:
Medium Urgency

See full publishing history Publishing

Series Pocket Published Component Section
Trusty updates on 2018-06-14 main utils
Trusty security on 2018-06-14 main utils

Downloads

File Size SHA-256 Checksum
file_5.14.orig.tar.gz 633.4 KiB 461ba01dd0900a3b7c2dcd901b04903192c07887a9c1928af0be507572c77fe4
file_5.14-2ubuntu3.4.debian.tar.xz 52.0 KiB d3da2cdf46592a7fa94b97dbf4a3f429c38516f068d4ac277c19588a9902ae8f
file_5.14-2ubuntu3.4.dsc 2.1 KiB dc2ae3f99bf06d462dc6e0377efdcae5a673b8e50967d1e53c1dafb54907518b

View changes file

Binary packages built by this source

file: Determines file type using "magic" numbers

 File tests each argument in an attempt to classify it. There are three sets of
 tests, performed in this order: filesystem tests, magic number tests, and
 language tests. The first test that succeeds causes the file type to be
 printed.

file-dbg: Determines file type using "magic" numbers (debug)

 File tests each argument in an attempt to classify it. There are three sets of
 tests, performed in this order: filesystem tests, magic number tests, and
 language tests. The first test that succeeds causes the file type to be
 printed.
 .
 This package contains the debugging symbols.

file-dbgsym: debug symbols for package file

 File tests each argument in an attempt to classify it. There are three sets of
 tests, performed in this order: filesystem tests, magic number tests, and
 language tests. The first test that succeeds causes the file type to be
 printed.

libmagic-dev: File type determination library using "magic" numbers (development)

 This library can be used to classify files according to magic number tests. It
 implements the core functionality of the file command.
 .
 This package contains the development files.

libmagic-dev-dbgsym: debug symbols for package libmagic-dev

 This library can be used to classify files according to magic number tests. It
 implements the core functionality of the file command.
 .
 This package contains the development files.

libmagic1: File type determination library using "magic" numbers

 This library can be used to classify files according to magic number tests. It
 implements the core functionality of the file command.

libmagic1-dbgsym: debug symbols for package libmagic1

 This library can be used to classify files according to magic number tests. It
 implements the core functionality of the file command.

python-magic: File type determination library using "magic" numbers (Python bindings)

 This library can be used to classify files according to magic number tests. It
 implements the core functionality of the file command.
 .
 This package contains the Python bindings.

python3-magic: File type determination library using "magic" numbers (Python 3 bindings)

 This library can be used to classify files according to magic number tests. It
 implements the core functionality of the file command.
 .
 This package contains the Python 3 bindings.