file 1:5.14-2ubuntu3.4 source package in Ubuntu
Changelog
file (1:5.14-2ubuntu3.4) trusty-security; urgency=medium
* SECURITY UPDATE: denial of service via large number of notes or long
string
- debian/patches/CVE-2014-962x-pre*.patch: backport pre-requisite code
changes.
- debian/patches/CVE-2014-962x-1.patch: add a limit to the number of
ELF notes processed in doc/file.man, doc/libmagic.man,
src/apprentice.c, src/elfclass.h, src/file.c, src/file.h,
src/file_opts.h, src/magic.c, src/magic.h.in, src/readelf.c.
- debian/patches/CVE-2014-962x-2.patch: limit string printing to 100
chars, and add flags in src/readelf.c.
- CVE-2014-9620
- CVE-2014-9621
* SECURITY UPDATE: denial of service via crafted ELF file
- debian/patches/CVE-2014-9653.patch: bail out on partial reads in
src/readelf.c.
- CVE-2014-9653
* SECURITY UPDATE: memory corruption in file_check_mem.
- debian/patches/CVE-2015-8865.patch: properly calculate length in
src/funcs.c.
- CVE-2015-8865
* SECURITY UPDATE: out-of-bounds read via crafted ELF file
- debian/patches/CVE-2018-10360.patch: add bounds check to
src/readelf.c.
- CVE-2018-10360
-- Marc Deslauriers <email address hidden> Wed, 13 Jun 2018 14:45:30 -0400
Upload details
- Uploaded by:
- Marc Deslauriers
- Uploaded to:
- Trusty
- Original maintainer:
- Ubuntu Developers
- Architectures:
- any all
- Section:
- utils
- Urgency:
- Medium Urgency
See full publishing history Publishing
| Series | Published | Component | Section | |
|---|---|---|---|---|
| Trusty | updates | main | utils | |
| Trusty | security | main | utils |
Downloads
| File | Size | SHA-256 Checksum |
|---|---|---|
| file_5.14.orig.tar.gz | 633.4 KiB | 461ba01dd0900a3b7c2dcd901b04903192c07887a9c1928af0be507572c77fe4 |
| file_5.14-2ubuntu3.4.debian.tar.xz | 52.0 KiB | d3da2cdf46592a7fa94b97dbf4a3f429c38516f068d4ac277c19588a9902ae8f |
| file_5.14-2ubuntu3.4.dsc | 2.1 KiB | dc2ae3f99bf06d462dc6e0377efdcae5a673b8e50967d1e53c1dafb54907518b |
Available diffs
Binary packages built by this source
- file: Determines file type using "magic" numbers
File tests each argument in an attempt to classify it. There are three sets of
tests, performed in this order: filesystem tests, magic number tests, and
language tests. The first test that succeeds causes the file type to be
printed.
- file-dbg: Determines file type using "magic" numbers (debug)
File tests each argument in an attempt to classify it. There are three sets of
tests, performed in this order: filesystem tests, magic number tests, and
language tests. The first test that succeeds causes the file type to be
printed.
.
This package contains the debugging symbols.
- file-dbgsym: debug symbols for package file
File tests each argument in an attempt to classify it. There are three sets of
tests, performed in this order: filesystem tests, magic number tests, and
language tests. The first test that succeeds causes the file type to be
printed.
- libmagic-dev: File type determination library using "magic" numbers (development)
This library can be used to classify files according to magic number tests. It
implements the core functionality of the file command.
.
This package contains the development files.
- libmagic-dev-dbgsym: debug symbols for package libmagic-dev
This library can be used to classify files according to magic number tests. It
implements the core functionality of the file command.
.
This package contains the development files.
- libmagic1: File type determination library using "magic" numbers
This library can be used to classify files according to magic number tests. It
implements the core functionality of the file command.
- libmagic1-dbgsym: debug symbols for package libmagic1
This library can be used to classify files according to magic number tests. It
implements the core functionality of the file command.
- python-magic: File type determination library using "magic" numbers (Python bindings)
This library can be used to classify files according to magic number tests. It
implements the core functionality of the file command.
.
This package contains the Python bindings.
- python3-magic: File type determination library using "magic" numbers (Python 3 bindings)
This library can be used to classify files according to magic number tests. It
implements the core functionality of the file command.
.
This package contains the Python 3 bindings.
