Format: 1.8
Date: Thu, 10 Jul 2014 09:40:56 -0400
Source: file
Binary: file file-dbg libmagic1 libmagic-dev python-magic python3-magic
Architecture: amd64
Version: 1:5.14-2ubuntu3.1
Distribution: trusty
Urgency: medium
Maintainer: Ubuntu/amd64 Build Daemon <buildd@tipua.buildd>
Changed-By: Marc Deslauriers <marc.deslauriers@ubuntu.com>
Description: 
 file       - Determines file type using "magic" numbers
 file-dbg   - Determines file type using "magic" numbers (debug)
 libmagic-dev - File type determination library using "magic" numbers (developmen
 libmagic1  - File type determination library using "magic" numbers
 python-magic - File type determination library using "magic" numbers (Python bin
 python3-magic - File type determination library using "magic" numbers (Python 3 b
Changes: 
 file (1:5.14-2ubuntu3.1) trusty-security; urgency=medium
 .
   * SECURITY UPDATE: denial of service via awk rule backtracking
     - debian/patches/CVE-2013-7345.patch: limit to 100 repetitions in
       magic/Magdir/commands.
     - CVE-2013-7345
   * SECURITY UPDATE: denial of service in cdf_read_short_sector
     - debian/patches/CVE-2014-0207.patch: properly calculate sizes in
       src/cdf.c.
     - CVE-2014-0207
   * SECURITY UPDATE: denial of service in mconvert
     - debian/patches/CVE-2014-3478.patch: properly handle truncated pascal
       string size in src/softmagic.c.
     - CVE-2014-3478
   * SECURITY UPDATE: denial of service in cdf_check_stream_offset
     - debian/patches/CVE-2014-3479.patch: properly calculate sizes in
       src/cdf.c.
     - CVE-2014-3479
   * SECURITY UPDATE: denial of service in cdf_count_chain
     - debian/patches/CVE-2014-3480.patch: properly calculate sizes in
       src/cdf.c.
     - CVE-2014-3480
   * SECURITY UPDATE: denial of service in cdf_read_property_info
     - debian/patches/CVE-2014-3487.patch: properly calculate sizes in
       src/cdf.c.
     - CVE-2014-3487
   * SECURITY UPDATE: denial of service via awk rule backtracking
     - debian/patches/CVE-2014-3538.patch: allow specifying lengths for
       regex in src/apprentice.c, src/file.h, src/softmagic.c, adjust
       existing expressions in magic/Magdir/commands, magic/Magdir/fortran,
       magic/Magdir/graphviz, magic/Magdir/marc21, magic/Magdir/scientific,
       magic/Magdir/troff, update manpage in doc/magic.man.
     - CVE-2014-3538
   * debian/patches/commands-strength.patch: reduce strength of awk rule so
     it doesn't get priority over perl scripts.
Checksums-Sha1: 
 bbc1494f7a9d50b5bfb28b2d36a2ec44a3360cca 18786 file_5.14-2ubuntu3.1_amd64.deb
 276370d6fbf790c2754cc0f2c7f47b65b9c0fe5e 131280 file-dbg_5.14-2ubuntu3.1_amd64.deb
 2099fecf4814c5878ebc8cfadc2853cd378f26b5 184336 libmagic1_5.14-2ubuntu3.1_amd64.deb
 4cc3d2d29c93c90119806bfd45e4ff016f89ad70 62538 libmagic-dev_5.14-2ubuntu3.1_amd64.deb
Checksums-Sha256: 
 5ffe45a4cb31ffee943a6f4d7a8c8860c53cc26f562d149c097c39d8fd1a5947 18786 file_5.14-2ubuntu3.1_amd64.deb
 1d3de3b9809743363dd25565d9d8343388b7521e71a2678171d62c8012ab5ee4 131280 file-dbg_5.14-2ubuntu3.1_amd64.deb
 1a06302803814941acee1e85748a9f9ad834548dcb7fb7b9129257db115d9d4a 184336 libmagic1_5.14-2ubuntu3.1_amd64.deb
 5fd3677db1f7b810807d93e446c723e0815c785afe34094d266dc43ecff0b343 62538 libmagic-dev_5.14-2ubuntu3.1_amd64.deb
Files: 
 e4cf93b2a6f9793eb66a24d95a3d92fa 18786 utils standard file_5.14-2ubuntu3.1_amd64.deb
 87154b0f4761c35248489b9d424a31b9 131280 debug extra file-dbg_5.14-2ubuntu3.1_amd64.deb
 61abea0dcf9c6fcac5cfde7bf36026b6 184336 libs standard libmagic1_5.14-2ubuntu3.1_amd64.deb
 2ce6a3db4d8b6d49c0a33c832e691ace 62538 libdevel optional libmagic-dev_5.14-2ubuntu3.1_amd64.deb
Original-Maintainer: Luk Claes <luk@debian.org>