Change logs for file source package in Wily
-
file (1:5.22+15-2ubuntu1) wily; urgency=medium * Merge from Debian unstable. Remaining changes: - Adjust python build dependencies for cross builds. - Allow the package to cross-build. * Dropped patches included in new version: - debian/patches/CVE-2014-3710.patch - debian/patches/CVE-2014-8116.patch - debian/patches/CVE-2014-8117.patch - debian/patches/pr398-truncate-pascal-strings.patch file (1:5.22+15-2) unstable; urgency=medium * Restore detection of some jpeg files. Closes: #780095 file (1:5.22+15-1) unstable; urgency=high * Use upstream commit FILE5_22-11-ge452600 to include yet another security fix (PR/411). file (1:5.22+2-1) unstable; urgency=medium * New upstream version. Closes: #774219 * Use upstream commit FILE5_22-2-g9f0601f to include all recent fixes. file (1:5.21+15-1) unstable; urgency=high * Fixes a security issue, urgency set to high * New upstream version 5.21 - Limit number of elf program and sections processing - Reduce the number of recursion levels Closes: #773148 (CVE-2014-8116, CVE-2014-8117) * Use upstream commit FILE5_21-15-ge7e96a9 to include all recent fixes. file (1:5.20-2) unstable; urgency=high * Fixes a security issue, urgency set to high * Cherry-pick upstream commit FILE5_20-5-g39c7ac1: Fix note bounds reading, Francisco Alonso / Red Hat (CVE-2014-3710). Closes: #768806 -- Marc Deslauriers <email address hidden> Thu, 21 May 2015 08:33:43 -0400
-
file (1:5.20-1ubuntu2) vivid; urgency=medium * SECURITY UPDATE: DoS via insufficient note headers - debian/patches/CVE-2014-3710.patch: handle running out of not headers in src/readelf.c. - CVE-2014-3710 * SECURITY UPDATE: DoS in ELF parser - debian/patches/CVE-2014-8116.patch: limit number of headers and capabilities in src/elfclass.h, src/readelf.c. - CVE-2014-8116 * SECURITY UPDATE: DoS via missing recursion limits - debian/patches/CVE-2014-8117.patch: lower recursion level and allow it to be set from the command line in src/apprentice.c, src/file.c, src/file.h, src/file_opts.h, src/funcs.c, src/magic.c, src/magic.h.in, src/softmagic.c, add new option to documentation in doc/file.man, doc/libmagic.man. - CVE-2014-8117 * SECURITY UPDATE: DoS via long pascal strings - debian/patches/pr398-truncate-pascal-strings.patch: correctly calculate size in src/softmagic.c. - No CVE number * debian/libmagic1.symbols: added new symbols -- Marc Deslauriers <email address hidden> Tue, 27 Jan 2015 08:28:35 -0500