file 5.09-2ubuntu0.6 source package in Ubuntu

Changelog

file (5.09-2ubuntu0.6) precise-security; urgency=medium

  * SECURITY UPDATE: DoS via insufficient note headers
    - debian/patches/CVE-2014-3710.patch: handle running out of not headers
      in src/readelf.c.
    - CVE-2014-3710
  * SECURITY UPDATE: DoS in ELF parser
    - debian/patches/CVE-2014-8116.patch: limit number of headers and
      capabilities in src/elfclass.h, src/readelf.c.
    - CVE-2014-8116
  * SECURITY UPDATE: DoS via missing recursion limits
    - debian/patches/CVE-2014-8117.patch: lower recursion level and allow
      it to be set from the command line in src/file.{c,h},
      src/file_opts.h, src/funcs.c, src/magic.c, src/magic.h,
      src/softmagic.c, add new option to documentation in
      doc/file.man, doc/libmagic.man.
    - CVE-2014-8117
  * SECURITY UPDATE: DoS via long pascal strings
    - debian/patches/pr398-truncate-pascal-strings.patch: correctly
      calculate size in src/softmagic.c.
    - No CVE number
 -- Marc Deslauriers <email address hidden>   Tue, 27 Jan 2015 10:10:29 -0500

Upload details

Uploaded by:
Marc Deslauriers on 2015-01-27
Uploaded to:
Precise
Original maintainer:
Ubuntu Developers
Architectures:
any
Section:
utils
Urgency:
Medium Urgency

See full publishing history Publishing

Series Pocket Published Component Section
Precise updates on 2015-02-04 main utils
Precise security on 2015-02-04 main utils

Downloads

File Size SHA-256 Checksum
file_5.09.orig.tar.gz 593.2 KiB bde1c9830ee6c234871778faae8277fdcf775fbb16dea63c8251e24b7c2f869c
file_5.09-2ubuntu0.6.debian.tar.gz 45.9 KiB 6885de2de285d34066e303ae160f373c3fcf872c16b6da3eaecfba06913f8ade
file_5.09-2ubuntu0.6.dsc 2.0 KiB f62554f46d9154667058b462b93a10935aa1e161f3b96e4d624cba35694bf106

View changes file

Binary packages built by this source

file: Determines file type using "magic" numbers

 File tests each argument in an attempt to classify it. There are three sets of
 tests, performed in this order: filesystem tests, magic number tests, and
 language tests. The first test that succeeds causes the file type to be
 printed.

libmagic-dev: File type determination library using "magic" numbers (development)

 This library can be used to classify files according to magic number tests. It
 implements the core functionality of the file command.
 .
 This package contains the development files.

libmagic1: File type determination library using "magic" numbers

 This library can be used to classify files according to magic number tests. It
 implements the core functionality of the file command.

python-magic: File type determination library using "magic" numbers (Python bindings)

 This library can be used to classify files according to magic number tests. It
 implements the core functionality of the file command.
 .
 This package contains the Python bindings.

python-magic-dbg: File type determination library using "magic" numbers (Python bindings/debug)

 This library can be used to classify files according to magic number tests. It
 implements the core functionality of the file command.
 .
 This package contains the Python bindings, built for the Python debug
 interpreter.