-
file (1:5.34-2ubuntu0.1) cosmic-security; urgency=medium
* SECURITY UPDATE: buffer over-read in do_bid_note
- debian/patches/CVE-2019-8904-pre.patch: correct error handling for
file_printf() in src/readelf.c.
- debian/patches/CVE-2019-8904.patch: avoid non-nul-terminated string
read in src/readelf.c.
- CVE-2019-8904
* SECURITY UPDATE: overflows in do_core_note
- debian/patches/CVE-2019-8905_8907.patch: limit size of file_printable
in src/file.h, src/funcs.c, src/readelf.c, src/softmagic.c.
- CVE-2019-8905
- CVE-2019-8907
* SECURITY UPDATE: out-of-bounds read in do_core_note
- debian/patches/CVE-2019-8906.patch: add bounds check in
src/readelf.c.
- CVE-2019-8906
-- Marc Deslauriers <email address hidden> Wed, 13 Mar 2019 11:58:20 -0400
-
file (1:5.34-2) unstable; urgency=medium
* Cherry-pick from upstream: Handle [elf] files without program
headers gracefully. Closes: #882310
-- Christoph Biedl <email address hidden> Sun, 05 Aug 2018 19:53:19 +0200
-
file (1:5.33-3) unstable; urgency=high
* Avoid reading past the end of buffer. Closes: #901351
[CVE-2018-10360]
-- Christoph Biedl <email address hidden> Mon, 11 Jun 2018 22:52:24 +0200
-
file (1:5.33-2) unstable; urgency=medium
* Recognize ia64 and amd64 COFF files. Closes: #877643
* Disable erroneous DBPF detection that breaks SQLite and some
more. Closes: 897153
-- Christoph Biedl <email address hidden> Sun, 29 Apr 2018 12:13:32 +0200
-
file (1:5.32-2) unstable; urgency=medium
* No longer ship python-magic libraries, they are now provided
by src:python-magic
-- Christoph Biedl <email address hidden> Tue, 13 Feb 2018 21:43:38 +0100
