file 5.09-2ubuntu0.4 source package in Ubuntu
Changelog
file (5.09-2ubuntu0.4) precise-security; urgency=medium
* SECURITY UPDATE: denial of service via awk rule backtracking
- debian/patches/CVE-2013-7345.patch: limit to 100 repetitions in
magic/Magdir/commands.
- CVE-2013-7345
* SECURITY UPDATE: denial of service in cdf_read_short_sector
- debian/patches/CVE-2014-0207.patch: properly calculate sizes in
src/cdf.c.
- CVE-2014-0207
* SECURITY UPDATE: denial of service in mconvert
- debian/patches/CVE-2014-3478.patch: properly handle truncated pascal
string size in src/softmagic.c.
- CVE-2014-3478
* SECURITY UPDATE: denial of service in cdf_check_stream_offset
- debian/patches/CVE-2014-3479.patch: properly calculate sizes in
src/cdf.c.
- CVE-2014-3479
* SECURITY UPDATE: denial of service in cdf_count_chain
- debian/patches/CVE-2014-3480.patch: properly calculate sizes in
src/cdf.c.
- CVE-2014-3480
* SECURITY UPDATE: denial of service in cdf_read_property_info
- debian/patches/CVE-2014-3487.patch: properly calculate sizes in
src/cdf.c.
- CVE-2014-3487
* SECURITY UPDATE: denial of service via awk rule backtracking
- debian/patches/CVE-2014-3538.patch: allow specifying lengths for
regex in src/apprentice.c, src/file.h, src/softmagic.c, adjust
existing expressions in magic/Magdir/commands, magic/Magdir/fortran,
magic/Magdir/graphviz, magic/Magdir/marc21, magic/Magdir/scientific,
magic/Magdir/troff, update manpage in doc/magic.man.
- CVE-2014-3538
-- Marc Deslauriers <email address hidden> Thu, 10 Jul 2014 12:00:51 -0400
Upload details
- Uploaded by:
- Marc Deslauriers
- Uploaded to:
- Precise
- Original maintainer:
- Ubuntu Developers
- Architectures:
- any
- Section:
- utils
- Urgency:
- Medium Urgency
See full publishing history Publishing
| Series | Published | Component | Section |
|---|
Downloads
| File | Size | SHA-256 Checksum |
|---|---|---|
| file_5.09.orig.tar.gz | 593.2 KiB | bde1c9830ee6c234871778faae8277fdcf775fbb16dea63c8251e24b7c2f869c |
| file_5.09-2ubuntu0.4.debian.tar.gz | 40.7 KiB | 79aef2d341c421e606a8e9bc925203da85b00435543770d1aaebb9f89fba9b77 |
| file_5.09-2ubuntu0.4.dsc | 2.0 KiB | 04efb9b61934b2e7afbddf9b4cf59cf7f005efd31e3ffff8a174b500c60e53f0 |
Available diffs
Binary packages built by this source
- file: Determines file type using "magic" numbers
File tests each argument in an attempt to classify it. There are three sets of
tests, performed in this order: filesystem tests, magic number tests, and
language tests. The first test that succeeds causes the file type to be
printed.
- libmagic-dev: File type determination library using "magic" numbers (development)
This library can be used to classify files according to magic number tests. It
implements the core functionality of the file command.
.
This package contains the development files.
- libmagic1: File type determination library using "magic" numbers
This library can be used to classify files according to magic number tests. It
implements the core functionality of the file command.
- python-magic: File type determination library using "magic" numbers (Python bindings)
This library can be used to classify files according to magic number tests. It
implements the core functionality of the file command.
.
This package contains the Python bindings.
- python-magic-dbg: File type determination library using "magic" numbers (Python bindings/debug)
This library can be used to classify files according to magic number tests. It
implements the core functionality of the file command.
.
This package contains the Python bindings, built for the Python debug
interpreter.
